CVE-2025-8773 | Dinstar Monitoring Platform 甘肃省危险品库监控平台 login_getPasswordErrorNum.action sql injection

A vulnerability, which was classified as critical, was found in Dinstar Monitoring Platform 甘肃省危险品库监控平台 1.0. Affected is an unknown function of the file /itc/$%7BappPath%7D/login_getPasswordErrorNum.action. The manipulation of the argument userBean.loginName leads to sql injection.

This vulnerability is traded as CVE-2025-8773. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-8773 | Dinstar Monitoring Platform 甘肃省危险品库监控平台 login_getPasswordErrorNum.action sql injection

Post correlati

CVE-2024-40407 | Cybele Software Thinfinity Workspace prior 7.0.2.113 information disclosure

CVE-2024-49196 | Samsung Mobile Processor 1480/2400 GPU denial of service

CVE-2024-12321 | WC Affiliate Plugin up to 2.3.9 on WordPress cross site scripting

CVE-2022-49039 | Synology Drive Client prior 3.5.0-16084 Backup Task Management out-of-bounds write (SA_24_10)