CVE-2025-5434 | Aem Solutions CMS up to 1.0 /page.php ID sql injection

Inserito da Angelo Barbosa | Giu 1, 2025 | CVE

A vulnerability was found in Aem Solutions CMS up to 1.0. It has been classified as critical. This affects an unknown part of the file /page.php. The manipulation of the argument ID leads to sql injection.

This vulnerability is uniquely identified as CVE-2025-5434. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-5434 | Aem Solutions CMS up to 1.0 /page.php ID sql injection

Post correlati

CVE-2021-35001 | BMC Track-It 20.21.01.102 GetData Endpoint authorization (ZDI-22-001)

CVE-2024-7353 | Accept Stripe Payments Plugin up to 2.0.86 on WordPress Shortcode accept_stripe_payment_ng cross site scripting

CVE-2024-20081 | MediaTek MT8678 Gnss Service out-of-bounds write (MSV-1412 / ALPS08719602)

CVE-2023-7023 | Tongda OA 2017 up to 11.9 delete.php VU_ID sql injection