{"id":5995,"date":"2025-05-26T15:29:40","date_gmt":"2025-05-26T15:29:40","guid":{"rendered":"http:\/\/localhost\/?p=5995"},"modified":"2025-05-26T15:29:40","modified_gmt":"2025-05-26T15:29:40","slug":"llisoft-mta-maita-training-system-adminshiticontrollerjava-adminshitilistrequestvo-sql-injection","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=5995","title":{"rendered":"llisoft MTA Maita Training System AdminShitiController.java AdminShitiListRequestVo sql injection"},"content":{"rendered":"<h2>CVE Details<\/h2>\n<h3>Basic Information<\/h3>\n<table style=\"width:100%; border-collapse: collapse; margin-bottom: 20px;\">\n<tr>\n<th>Title<\/th>\n<td>llisoft MTA Maita Training System AdminShitiController.java AdminShitiListRequestVo sql injection<\/td>\n<\/tr>\n<tr>\n<th>Type<\/th>\n<td>cve<\/td>\n<\/tr>\n<tr>\n<th>Published<\/th>\n<td>2025-05-26T05:00:10.873Z<\/td>\n<\/tr>\n<tr>\n<th>Last Seen<\/th>\n<td><\/td>\n<\/tr>\n<\/table>\n<h3>Product Information<\/h3>\n<table style=\"width:100%; border-collapse: collapse; margin-bottom: 20px;\">\n<tr>\n<th>Vendor<\/th>\n<td>llisoft<\/td>\n<\/tr>\n<tr>\n<th>Product<\/th>\n<td>MTA Maita Training System<\/td>\n<\/tr>\n<tr>\n<th>Version<\/th>\n<td>4.5<\/td>\n<\/tr>\n<\/table>\n<h3>CVSS Information<\/h3>\n<table style=\"width:100%; border-collapse: collapse; margin-bottom: 20px;\">\n<tr>\n<th>Base Score<\/th>\n<td style=\"color: #ffcc00; font-weight: bold;\">5.3 (MEDIUM)<\/td>\n<\/tr>\n<tr>\n<th>Attack Vector<\/th>\n<td>CVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:L\/UI:N\/VC:L\/VI:L\/VA:L\/SC:N\/SI:N\/SA:N<\/td>\n<\/tr>\n<tr>\n<th>Confidentiality Impact<\/th>\n<td><\/td>\n<\/tr>\n<tr>\n<th>Integrity Impact<\/th>\n<td><\/td>\n<\/tr>\n<tr>\n<th>Availability Impact<\/th>\n<td><\/td>\n<\/tr>\n<\/table>\n<h3>AI Analysis<\/h3>\n<table style=\"width:100%; border-collapse: collapse; margin-bottom: 20px;\">\n<tr>\n<th>AI Description<\/th>\n<td>A critical SQL injection vulnerability exists in llisoft MTA Maita Training System 4.5, specifically in the AdminShitiListRequestVo function. This allows remote attackers to execute arbitrary SQL commands via the stTypeIds parameter. The vulnerability has been publicly disclosed, and the vendor has not responded to the issue.<\/td>\n<\/tr>\n<tr>\n<th>AI Severity<\/th>\n<td>Medium<\/td>\n<\/tr>\n<tr>\n<th>Vendor<\/th>\n<td>llisoft<\/td>\n<\/tr>\n<tr>\n<th>Product<\/th>\n<td>MTA Maita Training System<\/td>\n<\/tr>\n<tr>\n<th>Affected Version<\/th>\n<td>4.5<\/td>\n<\/tr>\n<\/table>\n<h3>Additional Information<\/h3>\n<table style=\"width:100%; border-collapse: collapse; margin-bottom: 20px;\">\n<tr>\n<th>CVE List<\/th>\n<td><\/td>\n<\/tr>\n<tr>\n<th>CWE List<\/th>\n<td>CWE-89, CWE-74<\/td>\n<\/tr>\n<tr>\n<th>Bulletin Family<\/th>\n<td><\/td>\n<\/tr>\n<tr>\n<th>Source Data<\/th>\n<td>llisoft MTA Maita Training System 4.5<\/td>\n<\/tr>\n<\/table>\n<h3>Source Information<\/h3>\n<table style=\"width:100%; border-collapse: collapse; margin-bottom: 20px;\">\n<tr>\n<th>Source Data<\/th>\n<td>llisoft MTA Maita Training System 4.5<\/td>\n<\/tr>\n<tr>\n<th>Source Link<\/th>\n<td><a href=\"\" target=\"_blank\"><\/a><\/td>\n<\/tr>\n<\/table>\n<h3>Description<\/h3>\n<div style=\"padding: 15px; border-left: 4px solid #4CAF50; margin-bottom: 20px;\">A vulnerability classified as critical was found in llisoft MTA Maita Training System 4.5. This vulnerability affects the function AdminShitiListRequestVo of the file com\\llisoft\\controller\\admin\\shiti\\AdminShitiController.java. The manipulation of the argument stTypeIds leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.<\/div>\n<h3>CVSS Score Summary<\/h3>\n<div style=\"padding: 15px; border: 1px solid #ddd; margin-bottom: 20px;\">\n<p style=\"margin: 0;\"><strong>Base Score:<\/strong> <span style=\"color: #ffcc00;\">5.3 (MEDIUM)<\/span><\/p>\n<\/div>\n<p><a href=\"\" target=\"_blank\" style=\"display: inline-block; background-color: #4CAF50; color: white; padding: 10px 20px; text-decoration: none; border-radius: 4px;\">View Full CVE Details<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE Details Basic Information Title llisoft MTA Maita Training System AdminShitiController.java AdminShitiListRequestVo sql injection Type cve Published 2025-05-26T05:00:10.873Z Last Seen Product Information Vendor llisoft Product&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,22,12,21,13,7,11,5],"class_list":["post-5995","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-53","tag-exploit","tag-medium","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>llisoft MTA Maita Training System AdminShitiController.java AdminShitiListRequestVo sql injection - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=5995\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"llisoft MTA Maita Training System AdminShitiController.java AdminShitiListRequestVo sql injection - zero redgem\" \/>\n<meta property=\"og:description\" content=\"CVE Details Basic Information Title llisoft MTA Maita Training System AdminShitiController.java AdminShitiListRequestVo sql injection Type cve Published 2025-05-26T05:00:10.873Z Last Seen Product Information Vendor llisoft Product...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=5995\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-05-26T15:29:40+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=5995#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=5995\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"llisoft MTA Maita Training System AdminShitiController.java AdminShitiListRequestVo sql injection\",\"datePublished\":\"2025-05-26T15:29:40+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=5995\"},\"wordCount\":252,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"CVSS-5.3\",\"exploit\",\"MEDIUM\",\"news\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_cve\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=5995#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=5995\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=5995\",\"name\":\"llisoft MTA Maita Training System AdminShitiController.java AdminShitiListRequestVo sql injection - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-05-26T15:29:40+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=5995#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=5995\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=5995#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"llisoft MTA Maita Training System AdminShitiController.java AdminShitiListRequestVo sql injection\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"llisoft MTA Maita Training System AdminShitiController.java AdminShitiListRequestVo sql injection - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=5995","og_locale":"en_US","og_type":"article","og_title":"llisoft MTA Maita Training System AdminShitiController.java AdminShitiListRequestVo sql injection - zero redgem","og_description":"CVE Details Basic Information Title llisoft MTA Maita Training System AdminShitiController.java AdminShitiListRequestVo sql injection Type cve Published 2025-05-26T05:00:10.873Z Last Seen Product Information Vendor llisoft Product...","og_url":"https:\/\/zero.redgem.net\/?p=5995","og_site_name":"zero redgem","article_published_time":"2025-05-26T15:29:40+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=5995#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=5995"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"llisoft MTA Maita Training System AdminShitiController.java AdminShitiListRequestVo sql injection","datePublished":"2025-05-26T15:29:40+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=5995"},"wordCount":252,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","CVSS-5.3","exploit","MEDIUM","news","Security","tapic","Vulnerability"],"articleSection":["category_cve"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=5995#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=5995","url":"https:\/\/zero.redgem.net\/?p=5995","name":"llisoft MTA Maita Training System AdminShitiController.java AdminShitiListRequestVo sql injection - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-05-26T15:29:40+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=5995#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=5995"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=5995#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"llisoft MTA Maita Training System AdminShitiController.java AdminShitiListRequestVo sql injection"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/5995","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=5995"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/5995\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=5995"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=5995"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=5995"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}