CNNVD-202509-1869 Information

Sep 14, 2025 cve

CNNVD ID

CNNVD-202509-1869

CVE-2025-10387

CNNVD Published: 2025-09-14

Description (Chinese)

Jasmin The Ransomware是Siddhant Gour个人开发者的一个 ReadTeams 使用的强大的勒索软件安全测试工具。 Jasmin The Ransomware 1.0.1及之前版本存在SQL注入漏洞，该漏洞源于对文件/handshake.php中参数machine_name/computer_user/os/date/time/ip/location/systemid/password的错误操作，可能导致SQL注入攻击。

Description (English)

Jasmin The Ransomware is a RedTeams powerful blackmail software security test tool used by Siddhant Gour personal developer. The Jasmin The Ransomware 1.0.1 and previous versions had an injection loophole in SQL, which stemmed from an error in the operation of Machine name/computer user/os/date/time/ip/location/system/password on the parameter in document/handshank.php, which could lead to an attack on SQL injection.

Hazard Level

High

Vulnerability Type

SQL注入

Affected Vendor

个人开发者

Published

2025-09-14

Last Modified

2026-02-24

References

https://github.com/YZS17/CVE/blob/main/Jasmin-Ransomware/sqli_handshake.php.md https://vuldb.com/?submit.644285 https://vuldb.com/?id.323822 https://vuldb.com/?ctiid.323822 https://access.redhat.com/security/cve/cve-2025-10387

Share on: