Lucene search
K

28 matches found

RedhatCVE
RedhatCVE
added 2025/10/07 4:10 a.m.4 views

CVE-2025-11318

A security flaw has been discovered in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. This vulnerability affects unknown code of the file uploadWxFile.do. The manipulation of the argument File results in unrestricted upload. The attack may be performed from remote. The exploit...

7.5CVSS6.6AI score0.00502EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/07 2:6 a.m.12 views

CVE-2025-11315

A vulnerability was found in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. Affected by this vulnerability is the function findUserPage of the file findUserPage.do. Performing manipulation of the argument sort results in sql injection. Remote exploitation of the attack is...

7.5CVSS7.2AI score0.00452EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/07 1:7 a.m.18 views

CVE-2025-11313

A flaw has been found in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. This impacts the function findRolePage of the file findRolePage.do. This manipulation of the argument sort causes sql injection. The attack may be initiated remotely. The exploit has been published and may...

7.5CVSS6.8AI score0.00452EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/07 12:3 a.m.12 views

CVE-2025-11311

A security vulnerability has been detected in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. The impacted element is the function findTenantPage of the file findTenantPage.do. The manipulation of the argument sort leads to sql injection. The attack can be initiated remotely. T...

7.5CVSS7AI score0.00452EPSS
Exploits1References1
NVD
NVD
added 2025/10/06 4:15 a.m.3 views

CVE-2025-11318

A security flaw has been discovered in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. This vulnerability affects unknown code of the file uploadWxFile.do. The manipulation of the argument File results in unrestricted upload. The attack may be performed from remote. The exploit...

9.8CVSS0.00502EPSS
Exploits1References4
CVE
CVE
added 2025/10/06 3:32 a.m.12 views

CVE-2025-11318

Tipray Data Leakage Prevention System 1.0 contains a vulnerability in the file uploadWxFile.do endpoint where manipulating the File parameter allows unrestricted file uploads. The issue is exploitable remotely and details, including that exploits have been released publicly, are noted across mult...

9.8CVSS7.2AI score0.00502EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2025/10/06 3:32 a.m.5 views

EUVD-2025-32487

A security flaw has been discovered in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. This vulnerability affects unknown code of the file uploadWxFile.do. The manipulation of the argument File results in unrestricted upload. The attack may be performed from remote. The exploit...

7.5CVSS6.2AI score0.00502EPSS
Exploits1References5
OSV
OSV
added 2025/10/06 3:15 a.m.4 views

CVE-2025-11316

A vulnerability was determined in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. Affected by this issue is the function findCategoryPage of the file findCategoryPage.do. Executing manipulation of the argument tenantId can lead to sql injection. The attack can be executed...

9.8CVSS5.8AI score0.00452EPSS
Exploits1References4
OSV
OSV
added 2025/10/06 3:15 a.m.4 views

CVE-2025-11317

A vulnerability was identified in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. This affects the function findRolePage of the file findSingConfigPage.do. The manipulation of the argument sort leads to sql injection. The attack is possible to be carried out remotely. The explo...

9.8CVSS5.7AI score0.00452EPSS
Exploits1References4
NVD
NVD
added 2025/10/06 2:15 a.m.5 views

CVE-2025-11313

A flaw has been found in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. This impacts the function findRolePage of the file findRolePage.do. This manipulation of the argument sort causes sql injection. The attack may be initiated remotely. The exploit has been published and may...

9.8CVSS0.00452EPSS
Exploits1References4
OSV
OSV
added 2025/10/06 2:15 a.m.7 views

CVE-2025-11315

A vulnerability was found in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. Affected by this vulnerability is the function findUserPage of the file findUserPage.do. Performing manipulation of the argument sort results in sql injection. Remote exploitation of the attack is...

9.8CVSS5.6AI score0.00452EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/06 2:2 a.m.7 views

EUVD-2025-32478

A vulnerability was found in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. Affected by this vulnerability is the function findUserPage of the file findUserPage.do. Performing manipulation of the argument sort results in sql injection. Remote exploitation of the attack is...

7.5CVSS6.2AI score0.00452EPSS
Exploits1References6
CVE
CVE
added 2025/10/06 2:2 a.m.12 views

CVE-2025-11315

Tipray Data Leakage Prevention System 1.0 is affected. The vulnerability is in the findUserPage.do file, specifically the findUserPage function, where manipulation of the sort argument enables SQL injection. It is remotely exploitable and the exploit has been made public. The vendor was contacted...

9.8CVSS6.4AI score0.00452EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2025/10/06 1:32 a.m.4 views

EUVD-2025-32479

A vulnerability has been found in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. Affected is the function findRolePage of the file findSingConfigPage.do. Such manipulation of the argument sort leads to sql injection. The attack may be launched remotely. The exploit has been...

7.5CVSS6.5AI score0.00452EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/10/06 1:2 a.m.4 views

CVE-2025-11313 Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 findRolePage.do findRolePage sql injection

A flaw has been found in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. This impacts the function findRolePage of the file findRolePage.do. This manipulation of the argument sort causes sql injection. The attack may be initiated remotely. The exploit has been published and may...

7.5CVSS7.2AI score0.00452EPSS
Exploits1References4
CVE
CVE
added 2025/10/06 1:2 a.m.15 views

CVE-2025-11313

Tipray Data Leakage Prevention System 1.0 has a SQL injection in findRolePage.do (findRolePage) caused by improper handling of the sort parameter. The flaw can be exploited remotely; exploit published. Vendor contact noted with no response. No remediation details are provided in the supplied docu...

9.8CVSS7.2AI score0.00452EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2025/10/06 1:2 a.m.7 views

EUVD-2025-32482

A flaw has been found in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. This impacts the function findRolePage of the file findRolePage.do. This manipulation of the argument sort causes sql injection. The attack may be initiated remotely. The exploit has been published and may...

7.5CVSS6.3AI score0.00452EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/06 12:32 a.m.4 views

EUVD-2025-32477

A vulnerability was detected in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. This affects the function findModulePage of the file findModulePage.do. The manipulation of the argument sort results in sql injection. The attack can be launched remotely. The exploit is now public...

7.5CVSS6.5AI score0.00452EPSS
Exploits1References5
OSV
OSV
added 2025/10/06 12:15 a.m.4 views

CVE-2025-11310

A weakness has been identified in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. The affected element is the function findFileServerPage of the file findFileServerPage.do. Executing manipulation of the argument sort can lead to sql injection. It is possible to launch the attac...

9.8CVSS5.7AI score0.00462EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/10/06 12:0 a.m.3 views

Tipray Data Leakage Prevention System SQL注入漏洞

Tipray Data Leakage Prevention System is a data leakage prevention system of China Tipray Company. Tipray Data Leakage Prevention System version 1.0 has a SQL injection vulnerability, the vulnerability stems from the incorrect operation of the parameter sort in the file findSingConfigPage.do, whi...

9.8CVSS7.9AI score0.00452EPSS
Exploits1References4
Rows per page
Query Builder