CVE-2025-2118 | Quantico Tecnologia PRMV 6.48 Login Endpoint /admin/login.php username sql injection

Inserito da Angelo Barbosa | Mar 8, 2025 | CVE

A vulnerability was found in Quantico Tecnologia PRMV 6.48. It has been classified as critical. This affects an unknown part of the file /admin/login.php of the component Login Endpoint. The manipulation of the argument username leads to sql injection.

This vulnerability is uniquely identified as CVE-2025-2118. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2025-2118 | Quantico Tecnologia PRMV 6.48 Login Endpoint /admin/login.php username sql injection

Post correlati

CVE-2024-7204 | Ai3 QbiBot up to 8.0.9.b1 Chat Box cross site scripting

CVE-2024-2688 | wpdevteam EmbedPress Plugin up to 3.9.12 on WordPress cross site scripting

CVE-2024-28392 | pscartabandonmentpro up to 2.0.11 on PrestaShop setEmailVisualized sql injection

CVE-2024-10581 | designinvento DirectoryPress Frontend Plugin up to 2.7.9 on WordPress dpfl_listingStatusChange cross-site request forgery