CVE-2026-14737
HIGH SEVERITYCVSS Score & Metrics
Base Score
7.3 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Vulnerability Description
A vulnerability was identified in Hanwang e-Face General Management Platform 6.3.5.4. This impacts an unknown function of the file /sysAuthStr/querySysAuthStr.do. The manipulation of the argument order leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.
Vulnerability Details
Published Date
Last Modified
CWE ID
CWE-74
Source
NVD
Vendor
Hanwang
Product
e-Face General Management Platform
Discussion (0)
Add Comment
No comments yet. Be the first!