CVE-2026-1132
SQL Injection in Yonyou KSOA 9.0 /kmf/edit_folder.jsp
Publication date: 2026-01-19
Last updated on: 2026-04-29
Assigner: VulDB
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| yonyou | ksoa | 9.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-1132 is a SQL injection vulnerability in Yonyou KSOA version 9.0, specifically in the file /kmf/edit_folder.jsp. The vulnerability occurs because the application takes untrusted input from the HTTP GET parameter 'folderid' and directly concatenates it into a SQL query without proper validation or parameterization. This allows an unauthenticated remote attacker to inject malicious SQL commands, potentially gaining unauthorized access to the database, leaking sensitive data, tampering with data, or even gaining administrative control over the database server. [1, 2, 3]
How can this vulnerability impact me?
This vulnerability can have severe impacts including unauthorized access to the backend database, leakage of sensitive information, data manipulation or tampering, and potentially full administrative control over the database server. Since no authentication is required to exploit this flaw, attackers can remotely execute arbitrary SQL commands, compromising the confidentiality, integrity, and availability of the affected system. [1, 2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing the /kmf/edit_folder.jsp endpoint for SQL injection via the folderid HTTP GET parameter. One suggested command is using sqlmap to test the parameter, for example: sqlmap -u "http://target/kmf/edit_folder.jsp?folderid=1" --dbms=mssql --technique=BEUSTQ --time-sec=5. Additionally, time-based payloads such as folderid=1';WAITFOR DELAY '0:0:5'-- can be used to detect SQL injection by observing response delays. Vulnerable targets can also be identified using Google dorking with queries like "inurl:kmf/edit_folder.jsp" to find exposed endpoints. [1, 3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include implementing prepared statements (parameterized queries) to ensure user input is treated as data, not executable code; enforcing strict input validation on the folderid parameter to allow only expected characters (e.g., integers); deploying a Web Application Firewall (WAF) to detect and block SQL injection attempts; and disabling detailed database error messages on the frontend to prevent information leakage. [1]
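The integer-only rule for folderid can also be applied to web access logs to find requests that would have failed that validation. The following is an added example, not code from the original page or from the vendor; it assumes common/combined-format access logs, and the function names and sample log lines are constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

ENDPOINT = "/kmf/edit_folder.jsp"     # path named on this page
PARAM = "folderid"                    # GET parameter named on this page
# Assumption: legitimate folder ids are plain ASCII integers.
# [0-9] rather than \d, because \d also accepts non-ASCII digits.
ALLOWED = re.compile(r"[0-9]{1,18}")
# Request and status fields of a common/combined-format access log line.
LINE = re.compile(r'^(?P<ip>\S+) .*?"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')

def check_line(line):
    """Return a finding dict if the line hits ENDPOINT with a non-integer PARAM."""
    m = LINE.match(line)
    if not m:
        return None
    url = urlsplit(m["target"])
    # Normalise the path: decode %xx, drop ;jsessionid-style suffixes, fold case.
    path = unquote(url.path).split(";", 1)[0].lower()
    if path != ENDPOINT:
        return None
    values = parse_qs(url.query, keep_blank_values=True).get(PARAM, [])
    bad = [v for v in values if not ALLOWED.fullmatch(v)]
    if not bad:
        return None
    return {"ip": m["ip"], "status": int(m["status"]), "value": bad[0]}

def scan(lines):
    """Return findings for every offending line, in input order."""
    return [f for f in map(check_line, lines) if f]

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE = [
    '198.51.100.10 - - [19/Jan/2026:10:00:01 +0000] "GET /kmf/edit_folder.jsp?folderid=42 HTTP/1.1" 200 5120',
    '203.0.113.7 - - [19/Jan/2026:10:00:05 +0000] "GET /kmf/edit_folder.jsp?folderid=1%27%3BWAITFOR%20DELAY%20%270%3A0%3A5%27-- HTTP/1.1" 200 5120',
    '198.51.100.10 - - [19/Jan/2026:10:00:09 +0000] "GET /index.jsp?folderid=abc HTTP/1.1" 200 812',
    '203.0.113.9 - - [19/Jan/2026:10:00:12 +0000] "GET /KMF/edit_folder.jsp;jsessionid=X?folderid=abc HTTP/1.1" 500 300',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

A finding means only that the request carried a non-integer folderid; the status code and response time in the same log entry help decide which hits need follow-up.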
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability allows unauthorized remote attackers to perform SQL injection, leading to unauthorized database access, sensitive data leakage, and data tampering. Such exposure and compromise of sensitive data can result in non-compliance with data protection regulations like GDPR and HIPAA, which mandate the protection of personal and sensitive information. Therefore, this vulnerability poses a significant risk to compliance with these common standards and regulations. [1, 2, 3]