Filtered by vendor Aaluoxiang Subscriptions
Filtered by product Oasys Subscriptions

Search

Switch to Advanced Search (Beta)
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-29592 1 Aaluoxiang 1 Oasys 2025-09-22 5.6 Medium
oasys v1.1 is vulnerable to Directory Traversal in ProcedureController.
CVE-2025-44034 1 Aaluoxiang 1 Oasys 2025-09-20 8.0 High
SQL injection vulnerability in oa_system oasys v.1.1 allows a remote attacker to execute arbitrary code via the alph parameters in src/main/Java/cn/gson/oasys/controller/address/AddrController
CVE-2025-44033 1 Aaluoxiang 1 Oasys 2025-09-09 9.8 Critical
SQL injection vulnerability in oa_system oasys v.1.1 allows a remote attacker to execute arbitrary code via the allDirector() method declaration in src/main/java/cn/gson/oasys/mappers/AddressMapper.java