Zte: >> Zxcloud Goldendb >> 7.2.01.01 Security Vulnerabilities
There are SQL injection vulnerabilities in multiple interfaces of the GoldenDB database product. Attackers can exploit these interfaces to inject commands and extract sensitive database information.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-04-27
There is a DDE injection vulnerability in the GoldenDB database product. Attackers can inject DDE expressions through the interface, and when users download and open the affected file, the DDE commands can be executed.
CVSS Score
8.4
EPSS Score
0.0
Published
2025-04-27
There is an information disclosure vulnerability in the GoldenDB database product. Attackers can exploit error messages to obtain the system's sensitive information.
CVSS Score
4.9
EPSS Score
0.0
Published
2025-04-27
There is a Permission Management and Access Control vulnerability in the GoldenDB database product. Attackers can manipulate requests to bypass privilege restrictions and delete content.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-04-27
There is a SQL injection vulnerability in the GoldenDB database product. Attackers can inject commands to extract database information.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-04-27
There is an information disclosure vulnerability in the GoldenDB database product. Attackers can exploit error messages to obtain the system's sensitive information.
CVSS Score
4.1
EPSS Score
0.001
Published
2025-04-27