High
CVSS 8.1
Overview
SQL Injection vulnerability in cnhcit.com Haichang OA v.1.0.0 allows a remote attacker to obtain sensitive information via the if parameter in hcit.project.rte.agents.UploadImages.class.
CVE-2024-32323
SQL Injection vulnerability in cnhcit.com Haichang OA v.1.0.0 allows a remote at...
Risk analysis
This vulnerability is rated 🟠 HIGH.
- CVSS: 8.1 (HIGH)
- Detected tags: sql (tag impact: MODERATE)
Recommended actions:
- Use parameterized queries/ORM (avoid string concatenation).
- Add WAF rules and input validation.