CNNVD-202506-2584 Information

Jun 19, 2025 cve

CNNVD ID

CNNVD-202506-2584

CVE-2025-6267

CNNVD Published: 2025-06-19

Description (Chinese)

Zhilink ADP Application Developer Platform是中国智互联（Zhilink）公司的一个应用开发平台，提供一站式开发工具与环境，支持企业级应用程序的快速构建与部署。 Zhilink ADP Application Developer Platform 1.0.0版本存在SQL注入漏洞，该漏洞源于文件/adpweb/a/base/barcodeDetail/中参数barcodeNo/barcode/itemNo操作不当，可能导致SQL注入攻击。

Description (English)

Zhilink ADP Application Developer Platform is an application development platform for Zhilink, which provides one-stop development tools and the environment to support the rapid construction and deployment of enterprise-level applications. Zhilink ADP Application Developer Platform 1.0.0 has an injection loophole in SQL, which stems from the poor operation of the barcode No/barcode/itemNo. in document/adpweb/a/base/barcodeDetail/mediate parameter, which could lead to an SQL injection attack.

Hazard Level

Low

Vulnerability Type

SQL注入

Affected Vendor

智互联

Published

2025-06-19

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.313271 https://vuldb.com/?id.313271 https://vuldb.com/?submit.586697

Share on: