CVE-2025-15169 | BiggiDroid Simple PHP CMS 1.0 /admin/editsite.php ID sql injection (IDBDAY)

Inserito da Angelo Barbosa | Dic 28, 2025 | CVE

A vulnerability classified as critical was found in BiggiDroid Simple PHP CMS 1.0. Affected by this issue is some unknown functionality of the file /admin/editsite.php. Executing manipulation of the argument ID can lead to sql injection.

This vulnerability appears as CVE-2025-15169. The attack may be performed from remote. In addition, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-15169 | BiggiDroid Simple PHP CMS 1.0 /admin/editsite.php ID sql injection (IDBDAY)

Post correlati

CVE-2024-25706 | Esri Portal for ArcGIS up to 11.0 cross site scripting

CVE-2024-29792 | Unlimited Elements for Elementor Plugin up to 1.5.93 on WordPress cross site scripting

CVE-2025-14607 | OFFIS DCMTK up to 3.6.9 dcmdata dcbytstr.cc makeDicomByteString memory corruption (Issue 1184)

CVE-2024-1899 | Showdownjs up to 2.1.0 Anchors Subparser denial of service