CVE-2025-0585

Critical CVSS: 9.8

The a+HRD from aEnrich Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.

Vendor

Aenrich

Product

A\+hrd

CWE

CWE-89

Yayın Tarihi

2025-01-20 03:15:09

Güncelleme

2025-11-17 19:13:22

Source Identifier

twcert@cert.org.tw

KEV Date Added

Kategoriler

CWE-89 A\+hrd CRITICAL Aenrich 2025

Referanslar

https://www.twcert.org.tw/en/cp-139-8373-91edc-2.html https://www.twcert.org.tw/tw/cp-132-8372-19721-1.html

Benzer Kayıtlar

Medium

CVE-2025-12869

The a+HRD developed by aEnrich has a Stored Cross-Site Scripting vulnerability, allowing remote attackers with administr…

Critical

CVE-2025-12870

The a+HRD developed by aEnrich has an Authentication Abuse vulnerability, allowing unauthenticated remote attackers to s…

Critical

CVE-2025-12871

The a+HRD developed by aEnrich has an Authentication Abuse vulnerability, allowing unauthenticated remote attackers to c…

Medium

CVE-2025-0584

The a+HRD from aEnrich Technology has a Server-side Request Forgery, allowing unauthenticated remote attackers to exploi…

High

CVE-2025-0586

The a+HRD from aEnrich Technology has an Insecure Deserialization vulnerability, allowing remote attackers with database…

Medium

CVE-2025-0583

The a+HRD from aEnrich Technology has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote at…