CVE-2025-11944 | givanz Vvveb up to 1.0.7.3 Raw SQL import.php import sql injection (Issue 332)

Inserito da Angelo Barbosa | Ott 19, 2025 | CVE

A vulnerability identified as critical has been detected in givanz Vvveb up to 1.0.7.3. This affects the function Import of the file admin/controller/tools/import.php of the component Raw SQL Handler. This manipulation causes sql injection.

This vulnerability appears as CVE-2025-11944. The attack may be initiated remotely. In addition, an exploit is available.

It is recommended to apply a patch to fix this issue.

CVE-2025-11944 | givanz Vvveb up to 1.0.7.3 Raw SQL import.php import sql injection (Issue 332)

Post correlati

CVE-2024-38631 | Linux Kernel up to 6.9.3 PAC1934 array index (8dbcb3a8cfdf/51fafb3cd7fc)

CVE-2023-4507 | Admission AppManager Plugin up to 1.0.0 on WordPress cross site scripting

CVE-2024-13579 | platcom WP-Asambleas Plugin up to 2.85.0 on WordPress Shortcode cross site scripting

CVE-2024-0911 | GNU Indent 2.2.13 set_buf_break heap-based overflow