CVE-2025-0344 | leiyuxi cy-fast 1.0 /commpara/listData order sql injection

Posted by Angelo Barbosa | Jan 8, 2025 | CVE

A vulnerability has been found in leiyuxi cy-fast 1.0 and classified as critical. Affected by this vulnerability is the function listData of the file /commpara/listData. The manipulation of the argument order leads to sql injection.

This vulnerability is known as CVE-2025-0344. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2025-0344 | leiyuxi cy-fast 1.0 /commpara/listData order sql injection

Related Posts

CVE-2023-6270 | Linux Kernel ATA over Ethernet Driver aoecmd_cfg_pkts use after free

CVE-2024-30460 | Tumult Hype Animations Plugin up to 1.9.11 on WordPress cross-site request forgery

CVE-2024-8693 | Kaon CG3000 1.01.43 dhcpcd Command -h cross site scripting

CVE-2024-53845 | Espressif ESP-IDF up to 5.0.7/5.1.5/5.2.3/5.3.1 ESPTouchV2 Protocol risky encryption (GHSA-wm57-466g-mhrr)