CNNVD-202506-2602 Information

Jun 19, 2025 cve

CNNVD ID

CNNVD-202506-2602

CVE-2025-6277

CNNVD Published: 2025-06-19

Description (Chinese)

Brilliance Golden Link Secondary System是中国新晨（Brilliance）公司的一个管理系统。 Brilliance Golden Link Secondary System 20250609及之前版本存在注入漏洞，该漏洞源于文件/storagework/custTakeInfoPage.htm中参数custTradeName操作不当，可能导致SQL注入攻击。

Description (English)

Brilliance Golden Link Security Systems is a management system for the Chinese company Brilliance. There is an infusion loophole in Brilliance Golden Link System System 20250609 and earlier versions, which stems from the inappropriate operation of the parameter CusttradeName in the document/storagework/cutTakeInfoPage.htm, which could lead to an SQL injection attack.

Hazard Level

High

Vulnerability Type

注入

Affected Vendor

新晨

Published

2025-06-19

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.313281 https://vuldb.com/?submit.593074 https://vuldb.com/?id.313281 https://github.com/eeeeeekkkkkkkk/POC/blob/main/%E9%BB%84%E9%87%91%E9%80%9A%E4%BA%8C%E7%BA%A7%E7%B3%BB%E7%BB%9F%E4%B8%89%E4%BB%A3%E7%AE%A1%E7%90%86%E7%AB%AF%E7%B3%BB%E7%BB%9FcustTakeInfoPage%E6%8E%A5%E5%8F%A3%E5%AD%98%E5%9C%A8SQL%E6%B3%A8%E5%85%A5.md https://access.redhat.com/security/cve/cve-2025-6277

Share on: