Back to KEVs

CVE-2025-22214

Landray EIS 2001 through 2006 allows Message/fi_message_receiver.aspx?replyid= SQL injection.

Basic Information

CVE State
PUBLISHED
Reserved Date
January 02, 2025
Published Date
January 02, 2025
Last Updated
January 02, 2025
Vendor
n/a
Product
n/a
Description
Landray EIS 2001 through 2006 allows Message/fi_message_receiver.aspx?replyid= SQL injection.
Tags
nuclei_scanner

CVSS Scores

CVSS v3.1

4.3 - MEDIUM

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

SSVC Information

Exploitation
none
Technical Impact
partial

Exploit Status

Exploited in the Wild
Yes (2026-02-19 00:00:00 UTC) Source

References

https://github.com/Zerone0x00/CVE/blob/main/%E8%93%9D%E5%87%8CEISsql%E6%B3%A8%E5%85%A5/1.md

Known Exploited Vulnerability Information

Source Added Date
The Shadowserver (via CIRCL) 2026-02-19 00:00:00 UTC

Scanner Integrations

Scanner URL Date Detected
Nuclei https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-22214.yaml 2026-06-01 15:34:40 UTC

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Added to KEVIntel

  • Detected by Nuclei