Primary

Context

Uniong WebITR SQL Injection Vulnerability

Vulnerability

A SQL injection vulnerability has been identified in Uniong's WebITR application, specifically in versions through 2_1_0_33. This vulnerability allows authenticated remote attackers to inject arbitrary SQL commands, potentially leading to unauthorized access to database contents.

Impact

Exploitation of this vulnerability allows for SQL injection, enabling attackers to manipulate database queries and access or modify database information.

Remediation

Users are advised to update WebITR to version 2_1_0_34 or later.

Added: Nov 28, 2025, 8:18 AM

Updated: Nov 28, 2025, 8:18 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

7.7

relevance

1.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

7.7

relevance

1.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Uniong WebITR SQL Injection Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating