A vulnerability was identified in Tipray Data Leakage Prevention System 1.0. This affects the function findRolePage of the file findSingConfigPage.do. The manipulation of the argument sort leads to SQL injection, which can be carried out remotely. The exploit is publicly available. The vendor was contacted but did not respond.
CVE-2025-11317
🟠High
CVE-2025-11317: Remote SQL Injection in Tipray Data Leakage Prevention System
A vulnerability in Tipray Data Leakage Prevention System 1.0 allows remote SQL injection through the findRolePage function. An exploit is publicly available.
CVE ID
CVE-2025-11317
CVSS Score
7.3
Vendor
unknown
Published
Oct 06
Vulnerability Details
- CVE ID
- CVE-2025-11317
- Severity
- High
- CVSS v3 Score
- 7.3 / 10.0
- Affected Vendor
- unknown
- Publication Date
- October 06, 2025
External Resources
Need Help?
Protect your infrastructure with our comprehensive security scanning tools.
Explore Security Scanners