28Şub
CVE-2025-1797 | Hunan Zhonghe Baiyi Information Technology Baiyiyun Asset Management and Operations System up to 20250217 anyUserBoundHouse.php huid sql injection
A vulnerability, which was classified as critical, has been found in Hunan Zhonghe Baiyi Information Technology Baiyiyun Asset Management and Operations System up to 20250217. Affected by this issue is some unknown functionality of the file /wuser/anyUserBoundHouse.php. The manipulation of the argument huid leads to sql injection. This vulnerability is handled as CVE-2025-1797. The attack may be launched remotely. Furthermore, there is an exploit available.