CVE-2025-7798 | Beijing Shenzhou Shihan Technology Multimedia Integrated Business Display System up to 8.2 companyManage Struccture_ID sql injection

Inserito da Angelo Barbosa | Lug 18, 2025 | CVE

A vulnerability classified as critical has been found in Beijing Shenzhou Shihan Technology Multimedia Integrated Business Display System up to 8.2. This affects an unknown part of the file /admin/system/structure/getdirectorydata/web/baseinfo/companyManage. The manipulation of the argument Struccture_ID leads to sql injection.

This vulnerability is uniquely identified as CVE-2025-7798. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2025-7798 | Beijing Shenzhou Shihan Technology Multimedia Integrated Business Display System up to 8.2 companyManage Struccture_ID sql injection

Post correlati

CVE-2024-28176 | jose JWE resource consumption

CVE-2025-0754 | Red Hat OpenShift Service Mesh 2.5.6/2.6.3 Envoy Header Hander injection

CVE-2024-9492 | Silabs Flash Programming Utility up to 4.80 uncontrolled search path

CVE-2024-43398 | rexml Gem up to 3.3.5 on Ruby API Parser REXML::Document.new xml entity expansion