CVE-2025-65877 | Lvzhou CMS Title sql injection

Inserito da Angelo Barbosa | Dic 2, 2025 | CVE

A vulnerability labeled as critical has been found in Lvzhou CMS. This impacts an unknown function of the component com.wanli.lvzhoucms.service.ContentService#findPage. The manipulation of the argument Title results in sql injection.

This vulnerability is cataloged as CVE-2025-65877. The attack may be launched remotely. There is no exploit available.

It is best practice to apply a patch to resolve this issue.

CVE-2025-65877 | Lvzhou CMS Title sql injection

Post correlati

CVE-2024-38355 | socket.io up to 2.5.0/4.6.1 denial of service (GHSA-25hc-qcg6-38wj)

CVE-2024-3504 | lunary-ai lunary up to 1.2.6 access control

CVE-2024-11755 | acewebx IMS Countdown Plugin up to 1.3.4 on WordPress Countdown Post Setting cross site scripting

CVE-2024-39486 | Linux Kernel up to 6.6.36/6.9.7 drm_file drm_file_update_pid use after free (16682588ead4/0acce2a5c619/4f2a129b33a2)