CNNVD-202510-1611 Information
Oct 12, 2025
cve
CNNVD ID
CNNVD-202510-1611
Related CVE
- CNNVD Published: 2025-10-12
Description (Chinese)
MxsDoc是Rainy开源的一个基于 Web 的文件管理系统。 MxsDoc 2.02.36及之前版本存在SQL注入漏洞,该漏洞源于对文件/Manage/getUserList.do中函数getUserList的错误操作,可能导致SQL注入攻击。
Description (English)
MxsDoc is a web-based document management system from Rainy Open Source. MxDoc 2.02.36 and previous versions contain an injection loophole in SQL, which is the result of an error in the function GetUseList in file/Manage/getUseList.do, which could lead to an attack on SQL injection.
Hazard Level
High
Vulnerability Type
SQL注入
Affected Vendor
Rainy
Published
2025-10-12
Last Modified
2026-02-24
References
https://github.com/xkalami-Tta0/CVE/blob/main/DocSys/sql%E6%B3%A8%E5%85%A5.md https://vuldb.com/?ctiid.328041 https://vuldb.com/?id.328041 https://vuldb.com/?submit.664843
Patch
https://github.com/RainyGao-GitHub/DocSys/releases
Share on: