oasys

CVEs (3)

CVE	Vendor / Product	CVSS	EPSS	Published	Description
CVE-2025-44034	oa_system oasys	—	0.00	Sep 16, 2025	SQL injection vulnerability in oa_system oasys v.1.1 allows a remote attacker to execute arbitrary code via the alph parameters in src/main/Java/cn/gson/oasys/controller/address/AddrController
CVE-2025-29592	oa_system oasys	—	0.00	Sep 10, 2025	oasys v1.1 is vulnerable to Directory Traversal in ProcedureController.
CVE-2025-44033	oa_system oasys	—	0.01	Aug 29, 2025	SQL injection vulnerability in oa_system oasys v.1.1 allows a remote attacker to execute arbitrary code via the allDirector() method declaration in src/main/java/cn/gson/oasys/mappers/AddressMapper.java

CVE-2025-44034Sep 16, 2025
oa_system
oasys
risk 0.00cvss —epss 0.00
SQL injection vulnerability in oa_system oasys v.1.1 allows a remote attacker to execute arbitrary code via the alph parameters in src/main/Java/cn/gson/oasys/controller/address/AddrController
CVE-2025-29592Sep 10, 2025
oa_system
oasys
risk 0.00cvss —epss 0.00
oasys v1.1 is vulnerable to Directory Traversal in ProcedureController.
CVE-2025-44033Aug 29, 2025
oa_system
oasys
risk 0.00cvss —epss 0.01
SQL injection vulnerability in oa_system oasys v.1.1 allows a remote attacker to execute arbitrary code via the allDirector() method declaration in src/main/java/cn/gson/oasys/mappers/AddressMapper.java