Yonyou < 9.0 - SQL Injection via gwbhAIM Parameter in saveMove.jsp
SQL Injection vulnerability in Yonyou space-time enterprise information integration platform v.9.0 and before allows an attacker to obtain sensitive information via the gwbhAIM parameter in the saveMove.jsp in the hr_position directory.