CVE Alert: CVE-2025-10968 - GG Soft Software Services Inc. - PaperWork

CVE-2025-10968

HIGHNo exploitation known

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’), CWE – 564 – SQL Injection: Hibernate vulnerability in GG Soft Software Services Inc. PaperWork allows Blind SQL Injection, SQL Injection.This issue affects PaperWork: from 6.1.0.9390 before 6.1.0.9398.

CVSS v3.1 (8.8)

AV NETWORK · AC LOW · PR LOW · UI NONE · S UNCHANGED

Vendor

GG Soft Software Services Inc.

Product

PaperWork

Versions

6.1.0.9390 lt 6.1.0.9398

CWE

CWE-89, CWE-89 Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’)

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Published

2025-11-07T13:08:41.209Z

Updated

2025-11-07T13:22:39.031Z

References

https://www.usom.gov.tr/bildirim/tr-25-0381

AI Summary Analysis

Risk verdict

High severity: remote SQL injection with network access to PaperWork could enable disclosure, modification or destruction of data; patching should be prioritised.

Why this matters

The vulnerability affects data confidentiality, integrity and availability, with low attacker effort and no user interaction required. In practice, this could enable data exfiltration, tampering or denial of service across affected deployments, potentially impacting business operations and regulatory compliance.

Most likely attack path

Exploitation requires reachable PaperWork endpoints susceptible to improper input neutralisation. An attacker can send crafted requests over the network, leveraging low privileges and no UI interaction to perform injection, bypassing authentication in some configurations and directly querying/modifying the underlying database. Given a network-vector, environments with older 6.1.0.9390–9397 releases are most exposed.

Who is most exposed

On-premises or cloud-hosted PaperWork installations that expose web-facing interfaces or have direct DB access, particularly in SMB/mid‑market deployments where patch cycles may be slower and security controls less rigid.

Detection ideas

Unusual or error-prone database queries in app logs.
Spike in long-running queries or abnormal data export activity.
IDS/IPS or WAF alerts for SQLi payload patterns.
Anomalous authentication or access patterns to the PaperWork DB.
Unexpected application errors tied to input handling.

Mitigation and prioritisation

Apply patch to 6.1.0.9398 or newer immediately; verify through change control.
Restrict exposure: disable or shield vulnerable endpoints; enforce VPN or zero-trust access for management.
Enforce secure coding practices: parameterised queries/prepared statements; review Hibernate usage.
Implement least-privilege DB service accounts and rotate credentials; enable strict DB auditing.
Deploy updated WAF/IDS signatures; enhance monitoring for SQLi indicators; schedule follow-up vulnerability scanning.

Support Our Work

A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on Patreon or Buy Me A Coffee using the buttons below.

AI APIs OSINT driven New features

Buy Me A Coffee Patreon

Tags: CVE, cve-2025-10968, gg-soft-software-services-inc, OSINT, paperwork, threatintel