exploitDog

CVE-2025-43923

Опубликовано: 03 июн. 2025

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

An issue was discovered in ReportController in Unicom Focal Point 7.6.1. A user who has administrative privilege in Focal Point can perform SQL injection via the image parameter during a delete report image operation.

Ссылки

https://www.unicomsi.com/products/focal-point/
Product
https://www.unicomsi.com/security-advisory/
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:unicomsi:focal_point:7.6.1:*:*:*:*:*:*:*

EPSS

Процентиль: 11%

0.00036

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-89

Связанные уязвимости

GHSA-x56h-2x3p-c97x

CVSS3: 6.5

github

8 месяцев назад

An issue was discovered in ReportController in Unicom Focal Point 7.6.1. A user who has administrative privilege in Focal Point can perform SQL injection via the image parameter during a delete report image operation.

EPSS

Процентиль: 11%

0.00036

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-89