CVE-2025-12342 | Serdar Bayram Ghost Hot Spot up to 20251014 Login /Auth.php sql injection

Inserito da Angelo Barbosa | Ott 27, 2025 | CVE

A vulnerability was found in Serdar Bayram Ghost Hot Spot up to 20251014. It has been rated as critical. The affected element is an unknown function of the file /Auth.php of the component Login. This manipulation causes sql injection.

This vulnerability is tracked as CVE-2025-12342. The attack is possible to be carried out remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-12342 | Serdar Bayram Ghost Hot Spot up to 20251014 Login /Auth.php sql injection

Post correlati

CVE-2024-29122 | Foliovision FV Flowplayer Video Player Plugin up to 7.5.41.7212 on WordPress cross site scripting

CVE-2021-47387 | Linux Kernel up to 5.14.9 lib/debugobjects.c delayed_work_timer_fn use after free

CVE-2021-47554 | Linux Kernel up to 5.15.5 vdpa_sim vdpasim_create null pointer dereference (e4d58ac67e63/bb93ce4b150d)

CVE-2024-5506 | Luxion KeyShot Viewer KSP File Parser out-of-bounds write