CNNVD-202511-1817 Information
Nov 16, 2025
cve
CNNVD ID
CNNVD-202511-1817
Related CVE
- CNNVD Published: 2025-11-16
Description (Chinese)
DataX-Web是WeiYe个人开发者的一个在 DataX 之上开发的分布式数据同步工具。 DataX-Web 2.1.2及之前版本存在SQL注入漏洞,该漏洞源于未知函数的错误操作,可能导致SQL注入攻击。
Description (English)
DataX-Web is a distributed data synchronization tool developed by the WeiYe personal developer on DataX. DataX-Web 2.1.2 and previous versions contain an injection loophole in SQL, which stems from an error in an unknown function and may lead to an attack on SQL.
Hazard Level
High
Vulnerability Type
SQL注入
Affected Vendor
个人开发者
Published
2025-11-16
Last Modified
2026-02-24
References
https://vuldb.com/?ctiid.332585 https://github.com/Xzzz111/exps/blob/main/archives/datax-web-sql-injection-1/report.md https://vuldb.com/?id.332585 https://vuldb.com/?submit.687606 https://access.redhat.com/security/cve/cve-2025-13251
Share on: