CNNVD-202506-2600 Information

Jun 19, 2025 cve

CNNVD ID

CNNVD-202506-2600

CVE-2025-6276

CNNVD Published: 2025-06-19

Description (Chinese)

Brilliance Golden Link Secondary System是中国新晨（Brilliance）公司的一个管理系统。 Brilliance Golden Link Secondary System 20250609及之前版本存在注入漏洞，该漏洞源于文件/storagework/rentTakeInfoPage.htm中参数custTradeName操作不当，可能导致SQL注入攻击。

Description (English)

Brilliance Golden Link Security Systems is a management system for the Chinese company Brilliance. Brilliance Golden Link System 202506009 and previous versions have an injection loophole, which stems from the inappropriate operation of the parameter CusttradeName in the document/storagework/rentTakeInfoPage.htm, which could lead to an SQL injection attack.

Hazard Level

High

Vulnerability Type

注入

Affected Vendor

新晨

Published

2025-06-19

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.313280 https://github.com/eeeeeekkkkkkkk/POC/blob/main/%E9%BB%84%E9%87%91%E9%80%9A%E4%BA%8C%E7%BA%A7%E7%B3%BB%E7%BB%9F%E4%B8%89%E4%BB%A3%E7%AE%A1%E7%90%86%E7%AB%AF%E7%B3%BB%E7%BB%9FrentTakeInfoPage%E6%8E%A5%E5%8F%A3%E5%AD%98%E5%9C%A8SQL%E6%B3%A8%E5%85%A5.md https://vuldb.com/?id.313280 https://vuldb.com/?submit.593067 https://access.redhat.com/security/cve/cve-2025-6276

Share on: