CVE-2025-15024
8.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Improper Control of Generation of Code ('Code Injection') vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows Remote Code Inclusion.
This issue affects Library Automation System: from v.19.5 before v.22.1.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. | Library Automation System | v.19.5 < v.22.1 | affected |
Weaknesses
- CWE-94: CWE-94 Improper Control of Generation of Code ('Code Injection')
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.