CVE-2025-28057 | owl-admin up to 4.10.2 save_order sql injection

Inserito da Angelo Barbosa | Mag 13, 2025 | CVE

A vulnerability was found in owl-admin up to 4.10.2. It has been rated as critical. This issue affects some unknown processing of the file /admin-api/system/admin_menus/save_order. The manipulation leads to sql injection.

The identification of this vulnerability is CVE-2025-28057. The attack may be initiated remotely. There is no exploit available.

CVE-2025-28057 | owl-admin up to 4.10.2 save_order sql injection

Post correlati

CVE-2023-31001 | IBM Security Verify Access Appliance up to 10.0.6.1 storing passwords in a recoverable format (XFDB-254653)

CVE-2024-31203 | Plug&Track Thermoscan IP 20211103 wd210std.dll stack-based overflow

CVE-2025-23046 | GLPI up to 10.0.17 OauthIMAP Plugin incorrect implementation of authentication algorithm (GHSA-vfxc-qg3v-j2r5)

CVE-2024-27774 | Unitronics Unistream Unilogic prior 1.35.227 hard-coded password