CVE-2025-8161 | deerwms deer-wms-2 up to 3.3 /system/role/export params[dataScope] sql injection (ICLQQG)

Inserito da Angelo Barbosa | Lug 25, 2025 | CVE

A vulnerability classified as critical was found in deerwms deer-wms-2 up to 3.3. Affected by this vulnerability is an unknown functionality of the file /system/role/export. The manipulation of the argument params[dataScope] leads to sql injection.

This vulnerability is known as CVE-2025-8161. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2025-8161 | deerwms deer-wms-2 up to 3.3 /system/role/export params[dataScope] sql injection (ICLQQG)

Post correlati

CVE-2024-36588 | Annonshop HTTP Request Privilege Escalation

CVE-2024-12309 | collizo4sky Rate my Post Plugin up to 4.2.4 on WordPress get_post_status authorization

CVE-2024-10357 | Clever Addons for Elementor Plugin up to 2.2.1 on WordPress Elementor Template information disclosure

CVE-2024-0343 | CodeAstro Simple House Rental System 5.6 Login Panel cross site scripting