CVE-2025-6829

A vulnerability was found in aaluoxiang oa_system up to c3a08168c144f27256a90838492c713f55f1b207 and classified as critical. This issue affects the function outAddress of the component External Address Book Handler. The manipulation leads to sql injection. The attack may be initiated remotely. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.

Published: Jun 29, 2025
Updated: Jun 29, 2025
CVE: CVE-2025-6829
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.3
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CWEs:

CWE-74
CWE-89

OWASP TOP 10:

A1 - Injection

Affected Software
References

No affected software listed.

https://github.com/chujianxin0101/vuln/issues/5
https://vuldb.com/?ctiid.314267
https://vuldb.com/?id.314267
https://vuldb.com/?submit.603033

Vulnerability Database

289,697

CVE-2025-6829