CVE-2025-22214
MEDIUM EXPLOITED NUCLEILandray EIS <2006 - SQL Injection
Title source: llmDescription
Landray EIS 2001 through 2006 allows Message/fi_message_receiver.aspx?replyid= SQL injection.
Exploits (1)
github
WORKING POC
40 stars
by iSee857 · pythonpoc
https://github.com/iSee857/CVE-PoC/tree/main/LanLingEIS(CVE-2025-22214).py
Nuclei Templates (1)
Landray EIS SQL注入漏洞
CRITICALVERIFIEDby Ark
FOFA:
body="/jquery.landray.dialog.js"
Scores
CVSS v3
4.3
EPSS
0.0019
EPSS Percentile
40.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Details
VulnCheck KEV
2025-11-28
CWE
CWE-89
Status
published
Published
Jan 02, 2025
Tracked Since
Feb 18, 2026