CVE-2025-25181 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A SQL injection vulnerability in timeoutWarning.asp in Advantive VeraCore through 2025.1.0 allows remote attackers to execute arbitrary SQL commands via the PmS…
Medium KEV CVSS: 5.8

CVE-2025-25181

A SQL injection vulnerability in timeoutWarning.asp in Advantive VeraCore through 2025.1.0 allows remote attackers to execute arbitrary SQL commands via the PmSess1 parameter.
Vendor
Advantive
Product
Veracore
CWE
CWE-89
Yayın Tarihi
2025-02-03 20:15:37
Güncelleme
2025-11-05 19:28:49
Source Identifier
cve@mitre.org
KEV Date Added
2025-03-10

Kategoriler

CWE-89 Veracore MEDIUM Advantive 2025

Referanslar

https://advantive.my.site.com/support/s/knowledge https://intezer.com/blog/research/xe-group-exploiting-zero-days/ https://www.solissecurity.com/en-us/insights/xe-group-from-credit-card-skimming-to-exploiting-zero-days/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-25181