CNNVD-202512-1002 Information

CNNVD ID

CNNVD-202512-1002

Related CVE

CVE-2025-14254

• CNNVD Published: 2025-12-08

Description (Chinese)

Galaxy Software Services Vitals ESP是中国叡扬资讯（Galaxy Software Services）公司的一个用于办公的知识管理系统。 Galaxy Software Services Vitals ESP存在SQL注入漏洞，该漏洞源于SQL命令注入，可能导致读取数据库内容。

Description (English)

Galaxy Software Services Vitals ESP is a knowledge management system for offices of the Chinese company Galaxy Software Services. Galaxy Software Services Vitals ESP has an SQL injection loophole, which originates from SQL command injections and may lead to access to database content.

Hazard Level

High

Vulnerability Type

SQL注入

Affected Vendor

叡扬资讯

Published

2025-12-08

Last Modified

2026-02-24

References

https://www.twcert.org.tw/en/cp-139-10543-380bd-2.html https://www.twcert.org.tw/tw/cp-132-10542-4c682-1.html