CVE Details
Basic Information
| Title | Brilliance Golden Link Secondary System logSelect.htm sql injection |
|---|---|
| Type | cve |
| Published | 2025-06-05T22:00:17.240Z |
| Last Seen |
Product Information
| Vendor | Brilliance |
|---|---|
| Product | Golden Link Secondary System |
| Version | 20250424 |
CVSS Information
| Base Score | 5.3 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A SQL injection vulnerability was discovered in the Brilliance Golden Link Secondary System up to version 20250424. This vulnerability allows remote attackers to inject malicious SQL code via the nodename argument in logSelect.htm. The exploit is publicly available, making it a significant concern for system security. |
|---|---|
| AI Severity | Medium |
| Vendor | Brilliance |
| Product | Golden Link Secondary System |
| Affected Version | 20250424 |
Affected Products
- Brilliance Golden Link Secondary System 20250424
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-89, CWE-74 |
| Bulletin Family |
References
Description
A vulnerability, which was classified as critical, was found in Brilliance Golden Link Secondary System up to 20250424. Affected is an unknown function of the file /sysframework/logSelect.htm. The manipulation of the argument nodename leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.