CVE-2025-0488

Medium CVSS: 5.3

A vulnerability classified as critical has been found in Fanli2012 native-php-cms 1.0. This affects an unknown part of the file product_list.php. The manipulation of the argument cat leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Vendor

Native-php-cms Project

Product

Native-php-cms

CWE

CWE-74

Yayın Tarihi

2025-01-15 21:15:15

Güncelleme

2025-05-05 15:19:19

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-74 Native-php-cms MEDIUM Native-php-cms Project 2025

Referanslar

https://github.com/Fanli2012/native-php-cms/issues/10 https://github.com/Fanli2012/native-php-cms/issues/10#issue-2769983658 https://vuldb.com/?ctiid.291933 https://vuldb.com/?id.291933 https://vuldb.com/?submit.475255 https://github.com/Fanli2012/native-php-cms/issues/10 https://github.com/Fanli2012/native-php-cms/issues/10#issue-2769983658

Benzer Kayıtlar

Medium

CVE-2025-0489

A vulnerability classified as critical was found in Fanli2012 native-php-cms 1.0. This vulnerability affects unknown cod…

Medium

CVE-2025-0490

A vulnerability, which was classified as critical, has been found in Fanli2012 native-php-cms 1.0. This issue affects so…

Medium

CVE-2025-0483

A vulnerability has been found in Fanli2012 native-php-cms 1.0 and classified as problematic. This vulnerability affects…

Medium

CVE-2025-0482

A vulnerability, which was classified as critical, was found in Fanli2012 native-php-cms 1.0. This affects an unknown pa…