News | SOUTHERN TAIWAN UNIVERSITY OF SCIENCE AND TECHNOLOGY Library and Information Services

:::

[Security Vulnerability Warning] NEW TYPE INFORTECH CO., LTD.｜NUP Portal - SQL Injection

Type：行政公告

Pubish Date：2025/09/25 至 2026/03/25

Visitors：32

Forwarded by Taiwan Computer Network Crisis Management and Coordination Center (TWCERTCC-200-202509-00000010)

[Description]
[NEW TYPE INFORTECH CO., LTD. | NUP Portal - SQL Injection] (CVE-2025-10266, CVSS: 9.8) An unauthenticated remote attacker can inject arbitrary SQL commands to read, modify, and delete database content.

[Affected Platforms]
NUP Portal SP5.0 and earlier

[Recommended Action]
Update to SP5.1 and later

[References]
1. NEW TYPE INFORTECH CO., LTD. | NUP Portal - Two vulnerabilities: https://www.twcert.org.tw/tw/cp-132-10377-89750-1.html

相關附件

參考資料

返回列表