CNNVD-202511-979 Information

CNNVD ID

CNNVD-202511-979

Related CVE

CVE-2025-12864

• CNNVD Published: 2025-11-10

Description (Chinese)

e-Excellence U-Office Force是中国一等一科技（e-Excellence）公司的一个电子办公室平台。 e-Excellence U-Office Force存在SQL注入漏洞，该漏洞源于允许经过身份验证的远程攻击者注入任意SQL命令，可能导致读取、修改和删除数据库内容。

Description (English)

E-Excellence U-Office Force is an electronic office platform for first-class technology in China. e-Expellence U-Office Force has an injection loophole in SQL, which stems from allowing a remotely identified attacker to inject any SQL order, which may lead to reading, modifying and deleting the contents of the database.

Hazard Level

Medium

Vulnerability Type

SQL注入

Affected Vendor

一等一科技

Published

2025-11-10

Last Modified

2026-02-24

References

https://www.twcert.org.tw/en/cp-139-10489-a5a6d-2.html https://www.twcert.org.tw/tw/cp-132-10488-2df22-1.html

Patch

https://www.edetw.com/uofx-about/