GHSA-vj97-338f-28ppMediumCVSS 7.3

A vulnerability was identified in Hanwang e-Face General Management Platform 6.3.5.4. This...

Published
July 5, 2026
Last Modified
July 5, 2026

🔗 CVE IDs covered (1)

📋 Description

A vulnerability was identified in Hanwang e-Face General Management Platform 6.3.5.4. This impacts an unknown function of the file /sysAuthStr/querySysAuthStr.do. The manipulation of the argument order leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.

🔗 References (7)