Kashipara Group — Vulnerabilities & Security Advisories (32)

Browse all 32 CVE security advisories affecting Kashipara Group. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Kashipara Group operates as a provider of enterprise software solutions, primarily focusing on business process automation and data management systems for mid-to-large organizations. Historical security audits reveal a concerning pattern of vulnerabilities, with thirty-two Common Vulnerabilities and Exposures (CVEs) currently documented. The most prevalent issues involve remote code execution and cross-site scripting, indicating persistent weaknesses in input validation and server-side processing. Additionally, several instances of broken access control and privilege escalation have been recorded, suggesting inadequate enforcement of user permissions within the application architecture. While no single catastrophic data breach has been publicly attributed to the group, the cumulative nature of these flaws presents significant risk to client infrastructure. The organization’s security posture appears reactive rather than proactive, with patches often lagging behind the disclosure of critical exploits. This trend highlights a need for rigorous code review and automated security testing integration into their development lifecycle to mitigate ongoing exposure.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2023-49641 | Billing Software v1.0 - Multiple Unauthenticated SQL Injections (SQLi) | Billing Software | CWE-89 | 9.8 | Critical | 2025-05-12 |
| CVE-2023-50867 | Travel Website v1.0 - Multiple Unauthenticated SQL Injections (SQLi) | Travel Website | CWE-89 | 9.8 | Critical | 2024-01-04 |
| CVE-2023-50866 | Travel Website v1.0 - Multiple Unauthenticated SQL Injections (SQLi) | Travel Website | CWE-89 | 9.8 | Critical | 2024-01-04 |
| CVE-2023-50865 | Travel Website v1.0 - Multiple Unauthenticated SQL Injections (SQLi) | Travel Website | CWE-89 | 9.8 | Critical | 2024-01-04 |
| CVE-2023-50864 | Travel Website v1.0 - Multiple Unauthenticated SQL Injections (SQLi) | Travel Website | CWE-89 | 9.8 | Critical | 2024-01-04 |
| CVE-2023-50863 | Travel Website v1.0 - Multiple Unauthenticated SQL Injections (SQLi) | Travel Website | CWE-89 | 9.8 | Critical | 2024-01-04 |
| CVE-2023-50862 | Travel Website v1.0 - Multiple Unauthenticated SQL Injections (SQLi) | Travel Website | CWE-89 | 9.8 | Critical | 2024-01-04 |
| CVE-2023-50760 | Online Notice Board System v1.0 - Insecure File Upload | Online Notice Board System | CWE-434 | 8.8 | High | 2024-01-04 |
| CVE-2023-50753 | Online Notice Board System v1.0 - Multiple Unauthenticated SQL Injections (SQLi) | Online Notice Board System | CWE-89 | 9.8 | Critical | 2024-01-04 |
| CVE-2023-50752 | Online Notice Board System v1.0 - Multiple Unauthenticated SQL Injections (SQLi) | Online Notice Board System | CWE-89 | 9.8 | Critical | 2024-01-04 |
| CVE-2023-50743 | Online Notice Board System v1.0 - Multiple Unauthenticated SQL Injections (SQLi) | Online Notice Board System | CWE-89 | 9.8 | Critical | 2024-01-04 |
| CVE-2023-49666 | Billing Software v1.0 - Multiple Unauthenticated SQL Injections (SQLi) | Billing Software | CWE-89 | 9.8 | Critical | 2024-01-04 |
| CVE-2023-49665 | Billing Software v1.0 - Multiple Unauthenticated SQL Injections (SQLi) | Billing Software | CWE-89 | 9.8 | Critical | 2024-01-04 |
| CVE-2023-49658 | Billing Software v1.0 - Multiple Unauthenticated SQL Injections (SQLi) | Billing Software | CWE-89 | 9.8 | Critical | 2024-01-04 |
| CVE-2023-49639 | Billing Software v1.0 - Multiple Unauthenticated SQL Injections (SQLi) | Billing Software | CWE-89 | 9.8 | Critical | 2024-01-04 |
| CVE-2023-49633 | Billing Software v1.0 - Multiple Unauthenticated SQL Injections (SQLi) | Billing Software | CWE-89 | 9.8 | Critical | 2024-01-04 |
| CVE-2023-49625 | Billing Software v1.0 - Multiple Unauthenticated SQL Injections (SQLi) | Billing Software | CWE-89 | 9.8 | Critical | 2024-01-04 |
| CVE-2023-49624 | Billing Software v1.0 - Multiple Unauthenticated SQL Injections (SQLi) | Billing Software | CWE-89 | 9.8 | Critical | 2024-01-04 |
| CVE-2023-49622 | Billing Software v1.0 - Multiple Unauthenticated SQL Injections (SQLi) | Billing Software | CWE-89 | 9.8 | Critical | 2024-01-04 |
| CVE-2023-49689 | Job Portal v1.0 - Multiple Unauthenticated SQL Injections (SQLi) | Job Portal | CWE-89 | 9.8 | Critical | 2023-12-21 |
| CVE-2023-49688 | Job Portal v1.0 - Multiple Unauthenticated SQL Injections (SQLi) | Job Portal | CWE-89 | 9.8 | Critical | 2023-12-21 |
| CVE-2023-49681 | Job Portal v1.0 - Multiple Unauthenticated SQL Injections (SQLi) | Job Portal | CWE-89 | 9.8 | Critical | 2023-12-21 |
| CVE-2023-49677 | Job Portal v1.0 - Multiple Unauthenticated SQL Injections (SQLi) | Job Portal | CWE-89 | 9.8 | Critical | 2023-12-21 |
| CVE-2023-49272 | Hotel Management v1.0 - Multiple Reflected Cross-Site Scripting (XSS) | Hotel Management | CWE-79 | 5.4 | Medium | 2023-12-20 |
| CVE-2023-49271 | Hotel Management v1.0 - Multiple Reflected Cross-Site Scripting (XSS) | Hotel Management | CWE-79 | 5.4 | Medium | 2023-12-20 |
| CVE-2023-49270 | Hotel Management v1.0 - Multiple Reflected Cross-Site Scripting (XSS) | Hotel Management | CWE-79 | 5.4 | Medium | 2023-12-20 |
| CVE-2023-49269 | Hotel Management v1.0 - Multiple Reflected Cross-Site Scripting (XSS) | Hotel Management | CWE-79 | 5.4 | Medium | 2023-12-20 |
| CVE-2023-5007 | Student Information System v1.0 - Multiple Authenticated SQL Injections (SQLi) | Student Information System | CWE-89 | 8.8 | High | 2023-12-20 |
| CVE-2023-5011 | Student Information System v1.0 - Multiple Authenticated SQL Injections (SQLi) | Student Information System | CWE-89 | 8.8 | High | 2023-12-20 |
| CVE-2023-5010 | Student Information System v1.0 - Multiple Authenticated SQL Injections (SQLi) | Student Information System | CWE-89 | 8.8 | High | 2023-12-20 |

This page lists every published CVE security advisory associated with Kashipara Group. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.