VYPR
Vendor

Oasys

Products
2
CVEs
4
Across products
4
Status
Private

Products

2

Recent CVEs

4
  • CVE-2025-44033CriAug 29, 2025
    risk 0.64cvss 9.8epss 0.01

    SQL injection vulnerability in oa_system oasys v.1.1 allows a remote attacker to execute arbitrary code via the allDirector() method declaration in src/main/java/cn/gson/oasys/mappers/AddressMapper.java

  • CVE-2025-44034HigSep 16, 2025
    risk 0.52cvss 8.0epss 0.00

    SQL injection vulnerability in oa_system oasys v.1.1 allows a remote attacker to execute arbitrary code via the alph parameters in src/main/Java/cn/gson/oasys/controller/address/AddrController

  • CVE-2024-48270HigNov 1, 2024
    risk 0.49cvss 7.5epss 0.01

    An issue in the component /logins of oasys v1.1 allows attackers to access sensitive information via a burst attack.

  • CVE-2021-40644MedMar 30, 2022
    risk 0.42cvss 6.5epss 0.01

    An SQL Injection vulnerability exists in oasys oa_system as of 9/7/2021 in resources/mappers/notice-mapper.xml.