CVE-2025-25994 | FeMiner wms 1.0 date1/date2/id sql injection

Posted by Angelo Barbosa | Feb 14, 2025 | CVE

A vulnerability classified as critical was found in FeMiner wms 1.0. Affected by this vulnerability is an unknown functionality. The manipulation of the argument date1/date2/id leads to sql injection.

This vulnerability is known as CVE-2025-25994. The attack can be launched remotely. There is no exploit available.

CVE-2025-25994 | FeMiner wms 1.0 date1/date2/id sql injection

Related Posts

CVE-2023-6887 | saysky ForestBlog up to 20220630 Image Upload /admin/upload/img filename unrestricted upload

CVE-2024-44223 | Apple macOS up to 15.0 Login Window state issue

CVE-2024-51246 | Draytek Vigor 3900 1.5.1.3 mainfunction.cgi doPPTP command injection

CVE-2024-39776 | Avtec Outpost 0810/Outpost Uploader Utility up to 4.x storage of file with sensitive data under web root (icsa-24-235-04)