CVE-2025-50567 | Saurus CMS Community Edition 4.7.1 Query Parameter /e DB::prepare sql injection

Inserito da Angelo Barbosa | Ago 19, 2025 | CVE

A vulnerability classified as critical has been found in Saurus CMS Community Edition 4.7.1. The affected element is the function DB::prepare of the file /e of the component Query Parameter Handler. This manipulation causes sql injection.

This vulnerability is tracked as CVE-2025-50567. The attack is possible to be carried out remotely. No exploit exists.

CVE-2025-50567 | Saurus CMS Community Edition 4.7.1 Query Parameter /e DB::prepare sql injection

Post correlati

CVE-2025-46018 | CSC Pay Mobile App up to 2.19.3 Bluetooth improper authorization

CVE-2023-48340 | Unisoc S8000 Video Decoder out-of-bounds write

CVE-2024-12548 | Tungsten Automation Power JP2 File Parser use after free (ZDI-24-1680)

CVE-2024-45861 | Kastle Systems Access Control System hard-coded credentials (icsa-24-263-05)