CNNVD-202509-2029 Information
CNNVD ID
CNNVD-202509-2029
Related CVE
- CNNVD Published: 2025-09-15
Description (Chinese)
Open Web Analytics Server是Open Web Analytics开源的用于Google Analytics 等商业 Web 分析工具的开源替代方案。 Open Web Analytics Server 1.8.1之前版本存在SQL注入漏洞,该漏洞源于容易受到SQL注入攻击。
Description (English)
Open Web Analytics Server is the Open Web Analytics open source alternative for commercial Web analysis tools such as Google Analytics. Pre-version of Open Web Analytics Server 1.8.1 has an injection loophole in SQL, which stems from its vulnerability to SQL injection.
Hazard Level
High
Vulnerability Type
SQL注入
Affected Vendor
Open Web Analytics
Published
2025-09-15
Last Modified
2026-02-24
References
https://github.com/Open-Web-Analytics/Open-Web-Analytics/commit/1e5531522acb8f145627c9feb0175cf8a66561ba https://github.com/Open-Web-Analytics/Open-Web-Analytics/compare/1.8.0…1.8.1 https://www.seralys.com/research/CVE-2025-59397.txt https://github.com/Open-Web-Analytics/Open-Web-Analytics/releases/tag/1.8.1 https://www.openwebanalytics.com https://seclists.org/fulldisclosure/2025/Oct/5 https://access.redhat.com/security/cve/cve-2025-59397
Patch
https://github.com/Open-Web-Analytics/Open-Web-Analytics/releases
Share on: