Unrated severityNVD Advisory· Published Jun 5, 2025· Updated Jun 9, 2025
Brilliance Golden Link Secondary System tcCustDeferPosiQuery.htm sql injection
CVE-2025-5697
Description
A vulnerability, which was classified as critical, has been found in Brilliance Golden Link Secondary System up to 20250424. This issue affects some unknown processing of the file /reprotframework/tcCustDeferPosiQuery.htm. The manipulation of the argument custTradeId leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Affected products
2<=20250424+ 1 more
- (no CPE)range: <=20250424
- (no CPE)range: 20250424
Patches
Vulnerability mechanics
References
4- github.com/K-mxredo/MXdocument/blob/K-mxredo-blob/%E9%BB%84%E9%87%91%E9%80%9Astorageworkrent-tcCustDeferPosiQuery.mdmitreexploit
- vuldb.commitrethird-party-advisory
- vuldb.commitresignaturepermissions-required
- vuldb.commitrevdb-entrytechnical-description
News mentions
0No linked articles in our index yet.