ByteOS Network

jinher

Source -

NVD

BOS Name -

N/A

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

2Vulnerabilities found

CVE-2025-7824

Assigner-VulDB

View Details

Assigner-VulDB

CVSS Score-6.9||MEDIUM

EPSS-0.04% / 10.07%

7 Day CHG-0.03%

Published-19 Jul, 2025 | 13:02

Updated-26 Aug, 2025 | 13:51

Jinher OA XmlHttp.aspx xml external entity reference

A vulnerability was found in Jinher OA 1.1. It has been rated as problematic. This issue affects some unknown processing of the file XmlHttp.aspx. The manipulation leads to xml external entity reference. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Vendor-jinher Jinher

Product-jinher_oa OA

CWE ID-CWE-610

Externally Controlled Reference to a Resource in Another Sphere

CWE ID-CWE-611

Improper Restriction of XML External Entity Reference

CVE-2025-7523

Assigner-VulDB

View Details

Assigner-VulDB

CVSS Score-6.9||MEDIUM

EPSS-0.06% / 19.01%

7 Day CHG-0.01%

Published-13 Jul, 2025 | 07:02

Updated-26 Aug, 2025 | 12:37

Jinher OA DelTemp.aspx xml external entity reference

A vulnerability was found in Jinher OA 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /c6/Jhsoft.Web.message/ToolBar/DelTemp.aspx. The manipulation leads to xml external entity reference. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Vendor-jinher Jinher

Product-jinher_oa OA

CWE ID-CWE-610

Externally Controlled Reference to a Resource in Another Sphere

CWE ID-CWE-611

Improper Restriction of XML External Entity Reference