4 matches found
CVE-2025-14101
Authorization Bypass Through User-Controlled Key vulnerability in GG Soft Software Services Inc. PaperWork allows Exploitation of Trusted Identifiers. This issue affects PaperWork: from 5.2.0.9427 before 6.0...
CVE-2025-10968
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection', CWE - 564 - SQL Injection: Hibernate vulnerability in GG Soft Software Services Inc. PaperWork allows Blind SQL Injection, SQL Injection. This issue affects PaperWork: from 6.1.0.9390 before 6.1.0.9398...
CVE-2025-10968
CVE-2025-10968 concerns a SQL Injection in GG Soft PaperWork (versions 6.1.0.9390–6.1.0.9397) due to improper neutralization of special elements in SQL commands through the Hibernate layer. The vulnerability could enable Blind SQL Injection and standard SQL Injection. A fixed release is 6.1.0.939...
GG Soft PaperWork SQL注入漏洞
GG Soft PaperWork is a document management and process control software from GG Soft, Turkey. A SQL injection vulnerability exists in GG Soft PaperWork version 6.1.0.9390 up to and including version 6.1.0.9398. The vulnerability stems from the Hibernate framework not handling special elements in...