A vulnerability was found in RuvarOA 6.01/12.01. It has been classified as critical. This affects an unknown part of the file get_company.aspx. The manipulation of the argument txt_keyword leads to sql injection.
This vulnerability is uniquely identified as CVE-2024-25521. It is possible to initiate the attack remotely. There is no exploit available.