CVE-2025-6829

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://github.com/chujianxin0101/vuln/issues/5", "name": "https://github.com/chujianxin0101/vuln/issues/5", "tags": ["Exploit", "Third Party Advisory", "Issue Tracking"], "refsource": ""}, {"url": "https://github.com/chujianxin0101/vuln/issues/5", "name": "https://github.com/chujianxin0101/vuln/issues/5", "tags": ["Exploit", "Third Party Advisory", "Issue Tracking"], "refsource": ""}, {"url": "https://vuldb.com/?ctiid.314267", "name": "VDB-314267 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["Permissions Required"], "refsource": ""}, {"url": "https://vuldb.com/?id.314267", "name": "VDB-314267 | aaluoxiang oa_system External Address Book outAddress sql injection", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": ""}, {"url": "https://vuldb.com/?submit.603033", "name": "Submit #603033 | ?????? oasys master SQL Injection", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "A vulnerability was found in aaluoxiang oa_system up to c3a08168c144f27256a90838492c713f55f1b207 and classified as critical. This issue affects the function outAddress of the component External Address Book Handler. The manipulation leads to sql injection. The attack may be initiated remotely. This product does not use versioning. This is why information about affected and unaffected releases are unavailable."}]}, "problemtype": {"problemtype_data": [{"description": []}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2025-6829", "ASSIGNER": "cna@vuldb.com"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}}, "publishedDate": "2025-06-28T23:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:aaluoxiang:oa_system:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-07-08T14:41Z"}