Browse all 4 CVE security advisories affecting sfturing. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Sfturing develops software testing tools focused on application security analysis. Historically, their products have been associated with vulnerabilities including remote code execution, cross-site scripting, and privilege escalation issues. The company has recorded four CVEs, primarily related to input validation flaws and insecure default configurations. While no major security incidents have been publicly documented, the consistent pattern of vulnerabilities suggests potential weaknesses in their security development lifecycle. Their tools, while intended to improve security, have themselves become sources of risk, highlighting the importance of thorough vetting of security software before deployment in production environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-15450 | sfturing hosp_order orderHos findOrderHosNum sql injection — hosp_order, CWE-89 | 6.3 | Medium | 2026-01-05 |
| CVE-2025-6768 | sfturing hosp_order HospitalServiceImpl.java findAllHosByCondition sql injection — hosp_order, CWE-89 | 6.3 | Medium | 2025-06-27 |
| CVE-2025-6767 | sfturing hosp_order DoctorServiceImpl.java findDoctorByCondition sql injection — hosp_order, CWE-89 | 6.3 | Medium | 2025-06-27 |
| CVE-2025-6766 | sfturing hosp_order OfficeServiceImpl.java getOfficeName sql injection — hosp_order, CWE-89 | 6.3 | Medium | 2025-06-27 |
This page lists every published CVE security advisory associated with sfturing. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.