Metasoft MetaCRM 安全漏洞

Metasoft MetaCRM is a customer relationship management system software developed by Metasoft Corporation. Versions of Metasoft MetaCRM 6.4.0 and earlier contain security vulnerabilities. These vulnerabilities stem from improper handling of parameters in the Statement.executeUpdate function of the...

PT-2026-33751

A vulnerability has been found in Metasoft 美特软件 MetaCRM up to 6.4.0. This vulnerability affects the function Statement.executeUpdate of the file sql.jsp of the component Interface. Such manipulation of the argument sql leads to sql injection. The attack can be launched remotely. The exploit has...

EUVD-2025-22002

Malicious code in bioql PyPI...

EUVD-2025-22001

Malicious code in bioql PyPI...

EUVD-2025-21999

Malicious code in bioql PyPI...

EUVD-2025-21996

Malicious code in bioql PyPI...

EUVD-2025-22000

Malicious code in bioql PyPI...

EUVD-2025-21995

Malicious code in bioql PyPI...

EUVD-2025-22003

Malicious code in bioql PyPI...

CVE-2025-7880

A vulnerability was found in Metasoft 美特软件 MetaCRM up to 6.4.2 and classified as critical. Affected by this issue is some unknown functionality of the file /business/common/sms/sendsms.jsp. The manipulation of the argument File leads to unrestricted upload. The attack may be launched remotely. Th...

CVE-2025-7879

A vulnerability has been found in Metasoft 美特软件 MetaCRM up to 6.4.2 and classified as critical. Affected by this vulnerability is an unknown functionality of the file mobileupload.jsp. The manipulation of the argument File leads to unrestricted upload. The attack can be launched remotely. The...

CVE-2025-7878

A vulnerability, which was classified as critical, was found in Metasoft 美特软件 MetaCRM up to 6.4.2. Affected is an unknown function of the file /common/jsp/upload2.jsp. The manipulation of the argument File leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has...

CVE-2025-7876

A vulnerability classified as critical was found in Metasoft 美特软件 MetaCRM up to 6.4.2. This vulnerability affects the function AnalyzeParam of the file download.jsp. The manipulation of the argument p leads to deserialization. The attack can be initiated remotely. The exploit has been disclosed t...

CVE-2025-7877

A vulnerability, which was classified as critical, has been found in Metasoft 美特软件 MetaCRM up to 6.4.2. This issue affects some unknown processing of the file sendfile.jsp. The manipulation of the argument File leads to unrestricted upload. The attack may be initiated remotely. The exploit has be...

CVE-2025-7875

A vulnerability classified as critical has been found in Metasoft 美特软件 MetaCRM up to 6.4.2. This affects an unknown part of the file /debug.jsp. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may ...

CVE-2025-7874

A vulnerability was found in Metasoft 美特软件 MetaCRM up to 6.4.2. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /env.jsp. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the...

CVE-2025-7878

A vulnerability, which was classified as critical, was found in Metasoft 美特软件 MetaCRM up to 6.4.2. Affected is an unknown function of the file /common/jsp/upload2.jsp. The manipulation of the argument File leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has...

CVE-2025-7880 Metasoft 美特软件 MetaCRM sendsms.jsp unrestricted upload

A vulnerability was found in Metasoft 美特软件 MetaCRM up to 6.4.2 and classified as critical. Affected by this issue is some unknown functionality of the file /business/common/sms/sendsms.jsp. The manipulation of the argument File leads to unrestricted upload. The attack may be launched remotely. Th...

CVE-2025-7880

The CVE-2025-7880 entry concerns Metasoft MetaCRM (versions up to 6.4.2). The vulnerability lies in the file /business/common/sms/sendsms.jsp, where manipulating the File argument enables unrestricted file upload. This is described as a remote attack with a disclosed exploit; the vulnerability is...

CVE-2025-7875

A vulnerability classified as critical has been found in Metasoft 美特软件 MetaCRM up to 6.4.2. This affects an unknown part of the file /debug.jsp. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may ...