l8l1

1 exploit Active since Feb 2024
CVE-2024-24256 WRITEUP MEDIUM WRITEUP
Yonyou < 9.0 - SQL Injection via gwbhAIM Parameter in saveMove.jsp
SQL Injection vulnerability in Yonyou space-time enterprise information integration platform v.9.0 and before allows an attacker to obtain sensitive information via the gwbhAIM parameter in the saveMove.jsp in the hr_position directory.
CVSS 5.9