CVE-2025-8126 | deerwms deer-wms-2 up to 3.3 /system/user/export params[dataScope] sql injection (ICLQUE)

Inserito da Angelo Barbosa | Lug 24, 2025 | CVE

A vulnerability classified as critical has been found in deerwms deer-wms-2 up to 3.3. This affects an unknown part of the file /system/user/export. The manipulation of the argument params[dataScope] leads to sql injection.

This vulnerability is uniquely identified as CVE-2025-8126. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2025-8126 | deerwms deer-wms-2 up to 3.3 /system/user/export params[dataScope] sql injection (ICLQUE)

Post correlati

CVE-2024-42213 | HCL BigFix Compliance 2.0.12 Temporary File test code (KB0120961)

CVE-2024-5020 | Form Maker Plugin on WordPress FancyBox JavaScript Library cross site scripting

CVE-2024-42904 | SysPass 3.2.x ClientController.php name cross site scripting

CVE-2023-40695 | IBM Cognos Controller 10.4.1/10.4.2/11.0.0 session expiration (XFDB-264938)