CVE-2025-4795 | gongfuxiang schoolcms 2.3.1 index.php?m=Admin&c=article&a=SaveInfo ID sql injection

Inserito da Angelo Barbosa | Mag 15, 2025 | CVE

A vulnerability classified as critical has been found in gongfuxiang schoolcms 2.3.1. This affects the function SaveInfo of the file /index.php?m=Admin&c=article&a=SaveInfo. The manipulation of the argument ID leads to sql injection.

This vulnerability is uniquely identified as CVE-2025-4795. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2025-4795 | gongfuxiang schoolcms 2.3.1 index.php?m=Admin&c=article&a=SaveInfo ID sql injection

Post correlati

CVE-2024-37662 | TP-LINK TL-7DR5130 1.0.23 TCP Remote Code Execution

CVE-2025-24971 | DumbWareio DumbDrop /upload/init os command injection (GHSA-rx8m-jqm7-vcgp)

CVE-2024-20473 | Cisco Secure Firewall Management Center Software sql injection (cisco-sa-fmc-sql-inj-LOYAFcfq)

CVE-2024-13025 | Codezips College Management System 1.0 /Front-end/faculty.php book_name/book_author sql injection