CVE-2025-8162 | deerwms deer-wms-2 up to 3.3 /system/dept/list params[dataScope] sql injection (ICLQKV)

Inserito da Angelo Barbosa | Lug 25, 2025 | CVE

A vulnerability, which was classified as critical, has been found in deerwms deer-wms-2 up to 3.3. Affected by this issue is some unknown functionality of the file /system/dept/list. The manipulation of the argument params[dataScope] leads to sql injection.

This vulnerability is handled as CVE-2025-8162. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2025-8162 | deerwms deer-wms-2 up to 3.3 /system/dept/list params[dataScope] sql injection (ICLQKV)

Post correlati

CVE-2024-11010 | FileOrganizer Plugin up to 1.1.4 on WordPress file inclusion

CVE-2023-48284 | WebToffee Decorator Plugin up to 1.2.7 on WordPress cross-site request forgery

CVE-2024-40652 | Google Android 12/12L/13/14 SettingsHomepageActivity.java onCreate permission

CVE-2025-0960 | AutomationDirect C-more EA9 HMI EA9-T6CL up to 6.79 buffer overflow (icsa-25-035-08)