Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-6169

The WIMP website co-construction management platform from HAMASTAR Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.

Published

2025-06-16T07:15:20.077

Last Modified

2025-06-16T12:32:18.840

Status

Awaiting Analysis

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses

Type: Secondary
CWE-89

Affected Vendors & Products

References

https://www.twcert.org.tw/en/cp-139-10184-f29ca-2.html ([email protected])
https://www.twcert.org.tw/tw/cp-132-10183-99ce1-1.html ([email protected])