Renwoxing Enterprise Intelligent Management System before v3.0 was discovered to contain a SQL injection vulnerability via the parid parameter at /fx/baseinfo/SearchInfo.