CNNVD-202508-870 Information
CNNVD ID
CNNVD-202508-870
Related CVE
- CNNVD Published: 2025-08-10
Description (Chinese)
Zhilink ADP Application Developer Platform是中国智互联(Zhilink)公司的一个应用开发平台,提供一站式开发工具与环境,支持企业级应用程序的快速构建与部署。 Zhilink ADP Application Developer Platform存在SQL注入漏洞,该漏洞源于文件/adpweb/a/sys/office/treeData中参数extId的错误操作导致SQL注入,可能导致远程攻击。
Description (English)
Zhilink ADP Application Developer Platform is an application development platform for Zhilink, which provides one-stop development tools and the environment to support the rapid construction and deployment of enterprise-level applications. Zhilink ADP Application Developer Platform has an SQL injection loophole, which stems from an error in the argument extId in the document/adpweb/a/sys/office/treeData that led to the SQL injection, which could lead to a long-range attack.
Hazard Level
Low
Vulnerability Type
SQL注入
Affected Vendor
智互联
Published
2025-08-10
Last Modified
2026-02-24
References
https://vuldb.com/?ctiid.319335 https://vuldb.com/?submit.626189 https://vuldb.com/?id.319335 https://access.redhat.com/security/cve/cve-2025-8806