Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

链接： https://github.com/advisories/GHSA-76hg-cg4f-g27p

CVSS 评分： 9.8

参考链接：

https://nvd.nist.gov/vuln/detail/CVE-2025-6918
https://www.usom.gov.tr/bildirim/tr-25-0180
https://github.com/advisories/GHSA-76hg-cg4f-g27p

描述：

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Ncvav Virtual PBX Software allows SQL Injection.This issue affects Virtual PBX Software: before 09.07.2025.

安全公告

#Github Advisory

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

http://example.com/2025/07/28/github_1991387817/

作者

lianccc

发布于

2025年7月28日

许可协议

Remote for Mac 20256 - Unauthenticated RCE 上一篇

Linux Password Complexity Not Enforced 下一篇