Vulnerability Details CVE-2025-15493
A flaw has been found in RainyGao DocSys up to 2.02.36. The impacted element is an unknown function of the file src/com/DocSystem/mapping/ReposAuthMapper.xml. Executing a manipulation of the argument searchWord can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 8.5%
CVSS Severity
CVSS v3 Score 6.3
CVSS v2 Score 6.5
References
- https://github.com/xkalami-Tta0/CVE/blob/main/DocSys/sql%E6%B3%A8%E5%85%A52.md
- https://github.com/xkalami-Tta0/CVE/blob/main/DocSys/sql%E6%B3%A8%E5%85%A52.md#vulnerability-analysis-and-reproduction%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90%E5%A4%8D%E7%8E%B0
- https://vuldb.com/?ctiid.340271
- https://vuldb.com/?id.340271
- https://vuldb.com/?submit.725374
- https://github.com/xkalami-Tta0/CVE/blob/main/DocSys/sql%E6%B3%A8%E5%85%A52.md
- https://github.com/xkalami-Tta0/CVE/blob/main/DocSys/sql%E6%B3%A8%E5%85%A52.md#vulnerability-analysis-and-reproduction%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90%E5%A4%8D%E7%8E%B0
Products affected by CVE-2025-15493
-
cpe:2.3:a:docsys_project:docsys:-
-
cpe:2.3:a:docsys_project:docsys:1.00
-
cpe:2.3:a:docsys_project:docsys:1.01
-
cpe:2.3:a:docsys_project:docsys:1.02
-
cpe:2.3:a:docsys_project:docsys:1.03
-
cpe:2.3:a:docsys_project:docsys:1.04
-
cpe:2.3:a:docsys_project:docsys:1.05
-
cpe:2.3:a:docsys_project:docsys:1.06
-
cpe:2.3:a:docsys_project:docsys:1.07
-
cpe:2.3:a:docsys_project:docsys:1.08
-
cpe:2.3:a:docsys_project:docsys:1.09
-
cpe:2.3:a:docsys_project:docsys:1.10
-
cpe:2.3:a:docsys_project:docsys:1.11
-
cpe:2.3:a:docsys_project:docsys:1.12
-
cpe:2.3:a:docsys_project:docsys:1.13
-
cpe:2.3:a:docsys_project:docsys:1.14
-
cpe:2.3:a:docsys_project:docsys:1.15
-
cpe:2.3:a:docsys_project:docsys:1.16
-
cpe:2.3:a:docsys_project:docsys:1.17
-
cpe:2.3:a:docsys_project:docsys:1.17.10
-
cpe:2.3:a:docsys_project:docsys:1.17.11
-
cpe:2.3:a:docsys_project:docsys:1.17.12
-
cpe:2.3:a:docsys_project:docsys:1.17.13
-
cpe:2.3:a:docsys_project:docsys:1.17.14
-
cpe:2.3:a:docsys_project:docsys:1.17.15
-
cpe:2.3:a:docsys_project:docsys:1.17.8
-
cpe:2.3:a:docsys_project:docsys:1.17.9
-
cpe:2.3:a:docsys_project:docsys:2.01
-
cpe:2.3:a:docsys_project:docsys:2.01.00
-
cpe:2.3:a:docsys_project:docsys:2.01.01
-
cpe:2.3:a:docsys_project:docsys:2.01.02
-
cpe:2.3:a:docsys_project:docsys:2.01.03
-
cpe:2.3:a:docsys_project:docsys:2.01.04
-
cpe:2.3:a:docsys_project:docsys:2.01.05
-
cpe:2.3:a:docsys_project:docsys:2.01.06
-
cpe:2.3:a:docsys_project:docsys:2.01.07
-
cpe:2.3:a:docsys_project:docsys:2.01.08
-
cpe:2.3:a:docsys_project:docsys:2.01.09
-
cpe:2.3:a:docsys_project:docsys:2.01.10
-
cpe:2.3:a:docsys_project:docsys:2.01.11
-
cpe:2.3:a:docsys_project:docsys:2.01.12
-
cpe:2.3:a:docsys_project:docsys:2.01.13
-
cpe:2.3:a:docsys_project:docsys:2.01.14
-
cpe:2.3:a:docsys_project:docsys:2.01.15
-
cpe:2.3:a:docsys_project:docsys:2.01.16
-
cpe:2.3:a:docsys_project:docsys:2.01.17
-
cpe:2.3:a:docsys_project:docsys:2.01.18
-
cpe:2.3:a:docsys_project:docsys:2.01.19
-
cpe:2.3:a:docsys_project:docsys:2.01.20
-
cpe:2.3:a:docsys_project:docsys:2.01.21
-
cpe:2.3:a:docsys_project:docsys:2.01.22
-
cpe:2.3:a:docsys_project:docsys:2.01.23
-
cpe:2.3:a:docsys_project:docsys:2.01.24
-
cpe:2.3:a:docsys_project:docsys:2.01.25
-
cpe:2.3:a:docsys_project:docsys:2.01.26
-
cpe:2.3:a:docsys_project:docsys:2.01.27
-
cpe:2.3:a:docsys_project:docsys:2.01.28
-
cpe:2.3:a:docsys_project:docsys:2.01.29
-
cpe:2.3:a:docsys_project:docsys:2.01.30
-
cpe:2.3:a:docsys_project:docsys:2.01.31
-
cpe:2.3:a:docsys_project:docsys:2.01.32
-
cpe:2.3:a:docsys_project:docsys:2.01.33
-
cpe:2.3:a:docsys_project:docsys:2.01.34
-
cpe:2.3:a:docsys_project:docsys:2.01.35
-
cpe:2.3:a:docsys_project:docsys:2.01.36
-
cpe:2.3:a:docsys_project:docsys:2.01.37
-
cpe:2.3:a:docsys_project:docsys:2.01.38
-
cpe:2.3:a:docsys_project:docsys:2.01.39
-
cpe:2.3:a:docsys_project:docsys:2.01.40
-
cpe:2.3:a:docsys_project:docsys:2.01.41
-
cpe:2.3:a:docsys_project:docsys:2.01.42
-
cpe:2.3:a:docsys_project:docsys:2.01.43
-
cpe:2.3:a:docsys_project:docsys:2.01.44
-
cpe:2.3:a:docsys_project:docsys:2.01.45
-
cpe:2.3:a:docsys_project:docsys:2.01.46
-
cpe:2.3:a:docsys_project:docsys:2.01.47
-
cpe:2.3:a:docsys_project:docsys:2.01.48
-
cpe:2.3:a:docsys_project:docsys:2.01.49
-
cpe:2.3:a:docsys_project:docsys:2.01.50
-
cpe:2.3:a:docsys_project:docsys:2.01.51
-
cpe:2.3:a:docsys_project:docsys:2.01.52
-
cpe:2.3:a:docsys_project:docsys:2.01.53
-
cpe:2.3:a:docsys_project:docsys:2.01.54
-
cpe:2.3:a:docsys_project:docsys:2.01.55
-
cpe:2.3:a:docsys_project:docsys:2.01.56
-
cpe:2.3:a:docsys_project:docsys:2.01.57
-
cpe:2.3:a:docsys_project:docsys:2.01.58
-
cpe:2.3:a:docsys_project:docsys:2.01.59
-
cpe:2.3:a:docsys_project:docsys:2.01.60
-
cpe:2.3:a:docsys_project:docsys:2.01.61
-
cpe:2.3:a:docsys_project:docsys:2.01.62
-
cpe:2.3:a:docsys_project:docsys:2.01.63
-
cpe:2.3:a:docsys_project:docsys:2.01.64
-
cpe:2.3:a:docsys_project:docsys:2.01.65
-
cpe:2.3:a:docsys_project:docsys:2.01.66
-
cpe:2.3:a:docsys_project:docsys:2.01.67
-
cpe:2.3:a:docsys_project:docsys:2.01.68
-
cpe:2.3:a:docsys_project:docsys:2.01.69
-
cpe:2.3:a:docsys_project:docsys:2.01.70
-
cpe:2.3:a:docsys_project:docsys:2.01.71
-
cpe:2.3:a:docsys_project:docsys:2.01.72
-
cpe:2.3:a:docsys_project:docsys:2.01.73
-
cpe:2.3:a:docsys_project:docsys:2.01.74
-
cpe:2.3:a:docsys_project:docsys:2.01.75
-
cpe:2.3:a:docsys_project:docsys:2.01.76
-
cpe:2.3:a:docsys_project:docsys:2.01.77
-
cpe:2.3:a:docsys_project:docsys:2.01.78
-
cpe:2.3:a:docsys_project:docsys:2.01.79
-
cpe:2.3:a:docsys_project:docsys:2.01.80
-
cpe:2.3:a:docsys_project:docsys:2.01.81
-
cpe:2.3:a:docsys_project:docsys:2.01.82
-
cpe:2.3:a:docsys_project:docsys:2.01.83
-
cpe:2.3:a:docsys_project:docsys:2.01.84
-
cpe:2.3:a:docsys_project:docsys:2.01.85
-
cpe:2.3:a:docsys_project:docsys:2.01.86
-
cpe:2.3:a:docsys_project:docsys:2.01.87
-
cpe:2.3:a:docsys_project:docsys:2.01.88
-
cpe:2.3:a:docsys_project:docsys:2.01.89
-
cpe:2.3:a:docsys_project:docsys:2.01.90
-
cpe:2.3:a:docsys_project:docsys:2.01.91
-
cpe:2.3:a:docsys_project:docsys:2.01.92
-
cpe:2.3:a:docsys_project:docsys:2.01.93
-
cpe:2.3:a:docsys_project:docsys:2.01.94
-
cpe:2.3:a:docsys_project:docsys:2.01.95
-
cpe:2.3:a:docsys_project:docsys:2.01.96
-
cpe:2.3:a:docsys_project:docsys:2.01.97
-
cpe:2.3:a:docsys_project:docsys:2.01.98
-
cpe:2.3:a:docsys_project:docsys:2.01.99
-
cpe:2.3:a:docsys_project:docsys:2.02.00
-
cpe:2.3:a:docsys_project:docsys:2.02.01
-
cpe:2.3:a:docsys_project:docsys:2.02.02
-
cpe:2.3:a:docsys_project:docsys:2.02.03
-
cpe:2.3:a:docsys_project:docsys:2.02.04
-
cpe:2.3:a:docsys_project:docsys:2.02.05
-
cpe:2.3:a:docsys_project:docsys:2.02.06
-
cpe:2.3:a:docsys_project:docsys:2.02.07
-
cpe:2.3:a:docsys_project:docsys:2.02.08
-
cpe:2.3:a:docsys_project:docsys:2.02.09
-
cpe:2.3:a:docsys_project:docsys:2.02.10
-
cpe:2.3:a:docsys_project:docsys:2.02.11
-
cpe:2.3:a:docsys_project:docsys:2.02.12
-
cpe:2.3:a:docsys_project:docsys:2.02.13
-
cpe:2.3:a:docsys_project:docsys:2.02.14
-
cpe:2.3:a:docsys_project:docsys:2.02.15
-
cpe:2.3:a:docsys_project:docsys:2.02.16
-
cpe:2.3:a:docsys_project:docsys:2.02.17
-
cpe:2.3:a:docsys_project:docsys:2.02.18
-
cpe:2.3:a:docsys_project:docsys:2.02.19
-
cpe:2.3:a:docsys_project:docsys:2.02.20
-
cpe:2.3:a:docsys_project:docsys:2.02.21
-
cpe:2.3:a:docsys_project:docsys:2.02.22
-
cpe:2.3:a:docsys_project:docsys:2.02.23
-
cpe:2.3:a:docsys_project:docsys:2.02.24
-
cpe:2.3:a:docsys_project:docsys:2.02.25
-
cpe:2.3:a:docsys_project:docsys:2.02.26
-
cpe:2.3:a:docsys_project:docsys:2.02.27
-
cpe:2.3:a:docsys_project:docsys:2.02.28
-
cpe:2.3:a:docsys_project:docsys:2.02.29
-
cpe:2.3:a:docsys_project:docsys:2.02.30
-
cpe:2.3:a:docsys_project:docsys:2.02.31
-
cpe:2.3:a:docsys_project:docsys:2.02.32
-
cpe:2.3:a:docsys_project:docsys:2.02.33
-
cpe:2.3:a:docsys_project:docsys:2.02.34
-
cpe:2.3:a:docsys_project:docsys:2.02.35
-
cpe:2.3:a:docsys_project:docsys:2.02.36