A weakness has been identified in Tipray Data Leakage Prevention System 1.0. The affected element is the function findFileServerPage of the file findFileServerPage.do. Executing manipulation of the argument sort can lead to SQL injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond.
CVE-2025-11310
🟠High
CVE-2025-11310: Vulnerability in Tipray Data Leakage Prevention System
A weakness in Tipray's Data Leakage Prevention System 1.0 allows for SQL injection via the findFileServerPage function, potentially exploitable remotely.
CVE ID
CVE-2025-11310
CVSS Score
7.3
Vendor
unknown
Published
Oct 06
Vulnerability Details
- CVE ID
- CVE-2025-11310
- Severity
- High
- CVSS v3 Score
- 7.3 / 10.0
- Affected Vendor
- unknown
- Publication Date
- October 06, 2025
External Resources
Need Help?
Protect your infrastructure with our comprehensive security scanning tools.
Explore Security Scanners