CVE-2025-11944 | givanz Vvveb up to 1.0.7.3 Raw SQL import.php import sql injection (Issue 332)

Inserito da Angelo Barbosa | Ott 19, 2025 | CVE

A vulnerability identified as critical has been detected in givanz Vvveb up to 1.0.7.3. This affects the function Import of the file admin/controller/tools/import.php of the component Raw SQL Handler. This manipulation causes sql injection.

This vulnerability appears as CVE-2025-11944. The attack may be initiated remotely. In addition, an exploit is available.

It is recommended to apply a patch to fix this issue.

CVE-2025-11944 | givanz Vvveb up to 1.0.7.3 Raw SQL import.php import sql injection (Issue 332)

Post correlati

CVE-2024-51337 | Gibbon up to 27.0.00 user_manage_editProcess.php. email cross site scripting

CVE-2024-48786 | SwitchBot com.theswitchbot.switchbot 5.0.4 Firmware Update information disclosure

CVE-2024-21648 | XWiki xwiki-platform/xwiki-platform-oldcore Rollback Action insufficient privileges

CVE-2025-38126 | Linux Kernel up to 6.1.141/6.6.93/6.12.33/6.15.2 Stmmac Platform Driver clk_ptp_rate divide by zero