CNNVD-202510-2394 Information

CNNVD ID

CNNVD-202510-2394

Related CVE

CVE-2025-41019

• CNNVD Published: 2025-10-16

Description (Chinese)

Sergestec SISTICK是Sergestec公司的一个企业业务管理平台。 Sergestec SISTICK v7.2版本存在SQL注入漏洞，该漏洞源于对文件/index.php?view=ticket_detail中参数id的错误操作，可能导致SQL注入攻击。

Description (English)

Sergei SISTICK is a business management platform for Sergei. There is an SQL injection loophole in Sergestec SISTICK v7.2, which stems from an error in the id parameter in the file/index.php?view=ticket detail, which could lead to an SQL injection attack.

Hazard Level

High

Vulnerability Type

SQL注入

Affected Vendor

Sergestec

Published

2025-10-16

Last Modified

2026-02-24

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-sergestec-products