exploitDog

CVE-2025-0585

Опубликовано: 20 янв. 2025

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

The a+HRD from aEnrich Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.

Ссылки

https://www.twcert.org.tw/en/cp-139-8373-91edc-2.html
Third Party Advisory
https://www.twcert.org.tw/tw/cp-132-8372-19721-1.html
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:aenrich:a\+hrd:*:*:*:*:*:*:*:*

Версия до 7.5 (включая)

EPSS

Процентиль: 36%

0.00152

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-89

Связанные уязвимости

GHSA-hj6r-xr4f-66vc

CVSS3: 9.8

github

около 1 года назад

The a+HRD from aEnrich Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.

EPSS

Процентиль: 36%

0.00152

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-89