CVE-2025-22214 | THREATINT

Description

Landray EIS 2001 through 2006 allows Message/fi_message_receiver.aspx?replyid= SQL injection.

PUBLISHED Reserved 2025-01-02 | Published 2025-01-02 | Updated 2025-01-02 | Assigner mitre

MEDIUM: 4.3CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Problem types

CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

References

github.com/Zerone0x00/CVE/blob/main/蓝凌EISsql注入/1.md

cve.org (CVE-2025-22214)

nvd.nist.gov (CVE-2025-22214)

Download JSON

help @ threatint.eu