VYPR

oasys

by Oasys

CVEs (2)

  • CVE-2025-44034HigSep 16, 2025
    risk 0.52cvss 8.0epss 0.00

    SQL injection vulnerability in oa_system oasys v.1.1 allows a remote attacker to execute arbitrary code via the alph parameters in src/main/Java/cn/gson/oasys/controller/address/AddrController

  • CVE-2024-48270HigNov 1, 2024
    risk 0.49cvss 7.5epss 0.01

    An issue in the component /logins of oasys v1.1 allows attackers to access sensitive information via a burst attack.