Browse all 35 CVE security advisories affecting star7th. AI-powered Chinese analysis, POCs, and references for each vulnerability.
star7th operates primarily as a provider of enterprise resource planning and customer relationship management software solutions, targeting mid-sized businesses with integrated administrative tools. Security audits have identified approximately 35 Common Vulnerabilities and Exposures associated with their platforms, predominantly involving SQL injection and cross-site scripting flaws. These vulnerabilities frequently stem from insufficient input validation in web interfaces, allowing attackers to manipulate database queries or inject malicious scripts. While remote code execution incidents are less frequent, privilege escalation risks remain a concern due to improper access control mechanisms in certain modules. No major public data breaches have been widely reported, though the consistent presence of these CVEs suggests ongoing challenges in securing legacy codebases. Organizations utilizing star7th products should prioritize regular patching and implement strict input sanitization protocols to mitigate these known attack vectors effectively.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-6982 | star7th ShowDoc API Page Sort Endpoint PageController.class.PHP sql injection — ShowDocCWE-89 | 6.3 | Medium | 2026-04-25 |
This page lists every published CVE security advisory associated with star7th. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.