hndky

2 exploits Active since Nov 2024
CVE-2025-57529 NOMISEC CRITICAL WORKING POC
YouDataSum CPAS Audit Management System <=4.9 - SQL Injection via /cpasList/findArchiveReportByDah
YouDataSum CPAS Audit Management System <=v4.9 is vulnerable to SQL Injection in /cpasList/findArchiveReportByDah due to insufficient input validation. This allows remote unauthenticated attackers to execute arbitrary SQL commands via crafted input to the parameter. Successful exploitation could lead to unauthorized data access
CVSS 9.8
CVE-2024-50724 WRITEUP CRITICAL WRITEUP
KASO v9.0 - SQL Injection via person_id Parameter
KASO v9.0 was discovered to contain a SQL injection vulnerability via the person_id parameter at /cardcase/editcard.jsp.
CVSS 9.8