Tag
A remote SQL injection vulnerability (CVE-2026-14737) affects Hanwang e-Face General Management Platform version 6.3.5.4, specifically within the `/sysAuthStr/querySysAuthStr.do` file, triggered by manipulating argument order, allowing remote attackers to potentially gain unauthorized access to or modify database contents with a publicly available exploit.