29Oca
CVE-2024-1012 | Wanhu ezOFFICE 11.1.0 wf_printnum.jsp recordId sql injection
A vulnerability, which was classified as critical, has been found in Wanhu ezOFFICE 11.1.0. This issue affects some unknown processing of the file defaultroot/platform/bpm/work_flow/operate/wf_printnum.jsp. The manipulation of the argument recordId leads to sql injection. The identification of this vulnerability is CVE-2024-1012. The attack may be initiated remotely. Furthermore, there is an exploit available.