CNNVD-202602-1355 Information

CNNVD ID

CNNVD-202602-1355

Related CVE

CVE-2026-2236

• CNNVD Published: 2026-02-09

Description (Chinese)

HGiga C&Cm@il是中国恒基（HGiga）公司的一个邮件协同系统。 HGiga C&Cm@il存在SQL注入漏洞，该漏洞源于输入验证不足，可能导致未经验证的远程攻击者注入任意SQL命令以读取数据库内容。

Description (English)

HGiga C&Cm@il is a mail synergetic system of HGiga. HGiga C&Cm@il had an injection loophole in SQL, which stemmed from inadequate input validation and could lead to uncertified remote assailants injecting any SQL command to read the database.

Hazard Level

Medium

Vulnerability Type

SQL注入

Published

2026-02-09

Last Modified

2026-02-24

References

https://www.twcert.org.tw/en/cp-139-10704-d5aba-2.html https://www.twcert.org.tw/tw/cp-132-10703-3d02f-1.html

Patch

https://www.hgiga.com/ccmail.html