CNNVD-202511-814 Information

Nov 07, 2025 cve

CNNVD ID

CNNVD-202511-814

CVE-2025-10968

CNNVD Published: 2025-11-07

Description (Chinese)

GG Soft PaperWork是土耳其GG Soft公司的一看文档管理及流程控制软件。 GG Soft PaperWork 6.1.0.9390版本至6.1.0.9398之前版本存在SQL注入漏洞，该漏洞源于Hibernate框架未正确处理SQL命令中的特殊元素，可能导致SQL注入攻击。

Description (English)

GG Soft PaperWork is a first-hand document management and process control software for GG Soft, Turkey. GG Soft PaperWork 6.1.0.03990 to 6.1.0.9398 has an injection loophole in SQL, which stems from the fact that the Hibernate framework did not properly address the special elements of SQL orders, which could lead to an attack on SQL.

Hazard Level

Medium

Vulnerability Type

SQL注入

Affected Vendor

GG Soft

Published

2025-11-07

Last Modified

2026-02-24

References

https://www.usom.gov.tr/bildirim/tr-25-0381

Patch

https://ggsoftsolutions.com/

Share on: