CNNVD-202512-1124 Information

CNNVD ID

CNNVD-202512-1124

Related CVE

CVE-2021-47704

• CNNVD Published: 2025-12-09

Description (Chinese)

OpenBMCS是澳大利亚OpenBMCS公司的一个建筑管理和控制系统。 OpenBMCS 2.4版本存在SQL注入漏洞，该漏洞源于id参数存在SQL注入问题，可能导致数据库信息泄露。

Description (English)

OpenBMCS is a building management and control system of OpenBMCS, Australia. OpenBMCS version 2.4 has an SQL injection loophole, which stems from the problem of the id parameter with the SQL injection, which may lead to the disclosure of database information.

Hazard Level

High

Vulnerability Type

SQL注入

Affected Vendor

OpenBMCS

Published

2025-12-09

Last Modified

2026-02-24

References

https://www.vulncheck.com/advisories/openbmcs-sql-injection-via-obixtestphp https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5692.php https://www.exploit-db.com/exploits/50668 https://www.openbmcs.com https://access.redhat.com/security/cve/cve-2021-47704