CNNVD-202509-1815 Information

Sep 12, 2025 cve

CNNVD ID

CNNVD-202509-1815

CVE-2025-10266

  • CNNVD Published: 2025-09-12

Description (Chinese)

NewType Infortech NUP Portal是中国台湾新人类(NewType Infortech)公司的一款门户管理与协同办公软件系统。 NewType Infortech NUP Portal存在SQL注入漏洞,该漏洞源于未经验证的远程攻击者可注入任意SQL命令,可能导致读取、修改和删除数据库内容。

Description (English)

NewType Infortech NUP Portal is a portal management and co-location software system for NewType Infortech. NewType Inforteech NUP Portal has an injection loophole in SQL, which stems from the fact that uncertified remote assailants can inject any SQL order and may lead to reading, modifying and deleting the contents of the database.

Hazard Level

Low

Vulnerability Type

SQL注入

Affected Vendor

NextEPC

Published

2025-09-12

Last Modified

2026-02-24

References

https://www.twcert.org.tw/en/cp-139-10378-4fd0d-2.html https://www.twcert.org.tw/tw/cp-132-10377-89750-1.html

Patch

https://www.newtype.com.tw/

Share on: