| عنوان | Fuzhou Yinda Yunchuang Information Technology Smart Integrated Management Platform System 7.5 SQL Injection |
|---|
| الوصف | An unauthenticated SQL injection vulnerability has been identified in an additional interface of the Smart Integrated Management Platform System version 7.5, developed by Fuzhou Yinda Yunchuang Information Technology Co., Ltd.
Due to improper validation of user-supplied input, remote attackers can inject malicious SQL statements through this interface, resulting in unauthorized database access.
Successful exploitation may allow attackers to retrieve, modify, or manipulate sensitive database information, posing a serious risk to the confidentiality and integrity of affected systems.
The vulnerability affects version 7.5 and has been observed across a large number of exposed instances. |
|---|
| المصدر | ⚠️ https://github.com/luoye197-prog/cve-yinda-sql2 |
|---|
| المستخدم | lanmeik (UID 95270) |
|---|
| ارسال | 06/02/2026 12:57 PM (4 أشهر منذ) |
|---|
| الاعتدال | 19/02/2026 06:17 PM (13 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 346946 [Fujian Smart Integrated Management Platform System حتى 7.5 XCamera.ashx ChannelName حقن SQL] |
|---|
| النقاط | 20 |
|---|