CVE-2025-11309 🟠 High

CVE-2025-11309: SQL Injection Vulnerability in Tipray Data Leakage Prevention System

A SQL injection vulnerability in Tipray Data Leakage Prevention System 1.0 allows remote exploitation through argument manipulation in the doFilter function.

CVE ID

CVE-2025-11309

CVSS Score

7.3

Vendor

unknown

Published

Oct 05

A security flaw has been discovered in Tipray Data Leakage Prevention System 1.0. The function doFilter in the file findDeptPage.do is affected. Manipulating the argument sort leads to SQL injection, allowing remote attacks. The exploit has been made public, and there has been no response from the vendor after being notified.

Vulnerability Details

CVE ID: CVE-2025-11309
Severity: High
CVSS v3 Score: 7.3 / 10.0
Affected Vendor: unknown
Publication Date: October 05, 2025

External Resources

NIST NVD Database
MITRE CVE

Need Help?

Protect your infrastructure with our comprehensive security scanning tools.

Explore Security Scanners

Back to CVE Database