Hailey888

Oa System

10 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2025-29688

Exploit
  • EPSS 0.06%
  • Veröffentlicht 14.05.2025 00:00:00
  • Zuletzt bearbeitet 29.05.2025 19:59:24

A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title parameter at /daymanager/daymanageabilitycontroller.java.

6.1

CVE-2025-29689

Exploit
  • EPSS 0.06%
  • Veröffentlicht 14.05.2025 00:00:00
  • Zuletzt bearbeitet 29.05.2025 19:59:32

A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the password parameter at /mail/MailController.java.

6.1

CVE-2025-29690

Exploit
  • EPSS 0.06%
  • Veröffentlicht 14.05.2025 00:00:00
  • Zuletzt bearbeitet 29.05.2025 19:59:43

A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the outtype parameter at /address/AddrController.java.

6.1

CVE-2025-29691

Exploit
  • EPSS 0.06%
  • Veröffentlicht 14.05.2025 00:00:00
  • Zuletzt bearbeitet 29.05.2025 19:33:01

A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the userName parameter at /login/LoginsController.java.

6.1

CVE-2025-29686

Exploit
  • EPSS 0.06%
  • Veröffentlicht 14.05.2025 00:00:00
  • Zuletzt bearbeitet 29.05.2025 19:59:17

A cross-site scripting (XSS) vulnerability in OA System before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title parameter at /inform/InformManageController.java.

6.1

CVE-2025-3392

Exploit
  • EPSS 0.11%
  • Veröffentlicht 08.04.2025 01:00:16
  • Zuletzt bearbeitet 07.05.2025 16:40:38

A vulnerability was found in hailey888 oa_system up to 2025.01.01 and classified as problematic. Affected by this issue is the function Save of the file cn/gson/oasys/controller/mail/MailController.java of the component Backend. The manipulation of t...

6.1

CVE-2025-3391

Exploit
  • EPSS 0.12%
  • Veröffentlicht 08.04.2025 00:31:08
  • Zuletzt bearbeitet 07.05.2025 17:16:59

A vulnerability has been found in hailey888 oa_system up to 2025.01.01 and classified as problematic. Affected by this vulnerability is the function outAddress of the file cn/gson/oass/controller/address/AddrController. java of the component Backend....

6.1

CVE-2025-3390

Exploit
  • EPSS 0.11%
  • Veröffentlicht 08.04.2025 00:00:20
  • Zuletzt bearbeitet 07.05.2025 17:21:07

A vulnerability, which was classified as problematic, was found in hailey888 oa_system up to 2025.01.01. Affected is the function addandchangeday of the file cn/gson/oass/controller/daymanager/DaymanageController.java of the component Backend. The ma...

6.1

CVE-2025-3389

Exploit
  • EPSS 0.11%
  • Veröffentlicht 07.04.2025 23:31:08
  • Zuletzt bearbeitet 07.05.2025 16:59:00

A vulnerability, which was classified as problematic, has been found in hailey888 oa_system up to 2025.01.01. This issue affects the function testMess of the file cn/gson/oasys/controller/inform/InformManageController.java of the component Backend. T...

6.1

CVE-2025-3388

Exploit
  • EPSS 0.15%
  • Veröffentlicht 07.04.2025 23:00:14
  • Zuletzt bearbeitet 07.05.2025 16:51:58

A vulnerability classified as problematic was found in hailey888 oa_system up to 2025.01.01. This vulnerability affects the function loginCheck of the file cn/gson/oasys/controller/login/LoginsController.java of the component Frontend. The manipulati...