CNNVD-202602-1356 Information

CNNVD ID

CNNVD-202602-1356

Related CVE

CVE-2026-2235

• CNNVD Published: 2026-02-09

Description (Chinese)

HGiga C&Cm@il是中国恒基（HGiga）公司的一个邮件协同系统。 HGiga C&Cm@il存在SQL注入漏洞，该漏洞源于输入验证不足，可能导致经过身份验证的远程攻击者注入任意SQL命令以读取数据库内容。

Description (English)

HGiga C&Cm@il is a mail synergetic system of HGiga. HGiga C&Cm@il has an injection loophole in SQL, which stems from inadequate input authentication, which may result in a remotely identified attacker injecting any SQL command to read the database.

Hazard Level

High

Vulnerability Type

SQL注入

Published

2026-02-09

Last Modified

2026-02-24

References

https://www.twcert.org.tw/en/cp-139-10704-d5aba-2.html https://www.twcert.org.tw/tw/cp-132-10703-3d02f-1.html

Patch

https://www.hgiga.com/ccmail.html