CVE-2025-13770

High CVSS: 7.1

WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.

Vendor

Uniong

Product

Webitr

CWE

CWE-89

Yayın Tarihi

2025-11-28 08:15:53

Güncelleme

2025-12-01 14:38:59

Source Identifier

twcert@cert.org.tw

KEV Date Added

Kategoriler

CWE-89 Webitr HIGH Uniong 2025

Referanslar

https://www.twcert.org.tw/en/cp-139-10539-21f45-2.html https://www.twcert.org.tw/tw/cp-132-10538-6a26d-1.html

Benzer Kayıtlar

High

CVE-2025-13771

WebITR developed by Uniong has an Arbitrary File Read vulnerability, allowing authenticated remote attackers to exploit…

High

CVE-2025-13769

WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrar…

High

CVE-2025-13768

WebITR developed by Uniong has an Authentication Bypass vulnerability, allowing authenticated remote attackers to log in…

High

CVE-2025-9255

WebITR developed by Uniong has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitr…

High

CVE-2025-9256

WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privilege…

High

CVE-2025-9257

WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privilege…