CVE-2025-9255

High CVSS: 8.7

WebITR developed by Uniong has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents.

Vendor

Uniong

Product

Webitr

CWE

CWE-89

Yayın Tarihi

2025-08-22 12:15:34

Güncelleme

2025-11-06 22:06:30

Source Identifier

twcert@cert.org.tw

KEV Date Added

Kategoriler

CWE-89 Webitr HIGH Uniong 2025

Referanslar

https://www.twcert.org.tw/en/cp-139-10329-a1c5d-2.html https://www.twcert.org.tw/tw/cp-132-10328-dbc35-1.html

Benzer Kayıtlar

High

CVE-2025-13771

WebITR developed by Uniong has an Arbitrary File Read vulnerability, allowing authenticated remote attackers to exploit…

High

CVE-2025-13769

WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrar…

High

CVE-2025-13770

WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrar…

High

CVE-2025-13768

WebITR developed by Uniong has an Authentication Bypass vulnerability, allowing authenticated remote attackers to log in…

High

CVE-2025-9256

WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privilege…

High

CVE-2025-9257

WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privilege…