CVE-2025-25426 | yshopmall up to 1.9.0 Image Listing Interface sql injection (Issue 34)

Inserito da Angelo Barbosa | Mar 5, 2025 | CVE

A vulnerability, which was classified as critical, has been found in yshopmall up to 1.9.0. This issue affects some unknown processing of the component Image Listing Interface. The manipulation leads to sql injection.

The identification of this vulnerability is CVE-2025-25426. The attack may be initiated remotely. There is no exploit available.

CVE-2025-25426 | yshopmall up to 1.9.0 Image Listing Interface sql injection (Issue 34)

Post correlati

CVE-2024-8728 | Easy Load More Plugin up to 1.0.3 on WordPress cross site scripting

CVE-2022-25480 | Realtek RtsPer Driver for PCIe Card Reader Kernel Memory RtsPer.sys buffer overflow

CVE-2024-1834 | SourceCodester Simple Student Attendance System 1.0 ?page=attendance&class_id=1 class_date cross site scripting

CVE-2024-3642 | Newsletter Popup Plugin up to 1.2 on WordPress cross-site request forgery