RULE(RULE ID:338236)

Rule General Information
Release Date: 2024-07-09
Rule Name: Kirisun Command and Dispatch Management Platform uploadgps.php SQL Injection Vulnerability
Severity:
CVE ID:
Rule Protection Details
Description: The Kirisun Command and Dispatch Management Platform is an efficient integrated communication and command system designed to achieve real-time management and optimization of emergency response, resource allocation, and task coordination through advanced dispatching technology. The uploadgps.php of the Kirisun Command and Dispatch Management Platform has a SQL injection vulnerability, which allows unauthenticated remote attackers to exploit the vulnerability to access information in the database.
Impact: An attacker can inject arbitrary sql commands to view or change the database of the target by exploiting the vulnerability successfully.
Affected OS: Windows, Linux, Others
Reference:
Solutions
Please contact the software vendor to update the software patch.