A vulnerability was found in Tipray Data Leakage Prevention System 1.0. The function findUserPage in findUserPage.do suffers from SQL injection due to argument manipulation. Remote exploitation is possible, and the exploit has been made public. The vendor has been contacted but did not respond.
CVE-2025-11315
🟠High
CVE-2025-11315: SQL Injection in Tipray Data Leakage Prevention System
CVE-2025-11315 is a vulnerability in Tipray's Data Leakage Prevention System enabling SQL injection via manipulated arguments, allowing remote exploitation.
CVE ID
CVE-2025-11315
CVSS Score
7.3
Vendor
unknown
Published
Oct 06
Vulnerability Details
- CVE ID
- CVE-2025-11315
- Severity
- High
- CVSS v3 Score
- 7.3 / 10.0
- Affected Vendor
- unknown
- Publication Date
- October 06, 2025
External Resources
Need Help?
Protect your infrastructure with our comprehensive security scanning tools.
Explore Security Scanners