Vendor
oa_system
Products
1
CVEs
3
Across products
3
Status
Private
Products
1- 3 CVEs
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-44034 | 0.00 | — | 0.00 | Sep 16, 2025 | SQL injection vulnerability in oa_system oasys v.1.1 allows a remote attacker to execute arbitrary code via the alph parameters in src/main/Java/cn/gson/oasys/controller/address/AddrController | |||
| CVE-2025-29592 | 0.00 | — | 0.00 | Sep 10, 2025 | oasys v1.1 is vulnerable to Directory Traversal in ProcedureController. | |||
| CVE-2025-44033 | 0.00 | — | 0.01 | Aug 29, 2025 | SQL injection vulnerability in oa_system oasys v.1.1 allows a remote attacker to execute arbitrary code via the allDirector() method declaration in src/main/java/cn/gson/oasys/mappers/AddressMapper.java |
- CVE-2025-44034Sep 16, 2025risk 0.00cvss —epss 0.00
SQL injection vulnerability in oa_system oasys v.1.1 allows a remote attacker to execute arbitrary code via the alph parameters in src/main/Java/cn/gson/oasys/controller/address/AddrController
- CVE-2025-29592Sep 10, 2025risk 0.00cvss —epss 0.00
oasys v1.1 is vulnerable to Directory Traversal in ProcedureController.
- CVE-2025-44033Aug 29, 2025risk 0.00cvss —epss 0.01
SQL injection vulnerability in oa_system oasys v.1.1 allows a remote attacker to execute arbitrary code via the allDirector() method declaration in src/main/java/cn/gson/oasys/mappers/AddressMapper.java