216.73.216.133

CVE-2025-11944

· Published 19/10/2025 20:15 · Modified 19/10/2025 20:15

Labels: CVE-2025-11944 2025-10-19CVE-2025-11944CWE-74[email protected]

Essential information

Published
19/10/2025 20:15
Modified
19/10/2025 20:15
Author
Creator
CVSS
5.1 MEDIUM (v3) 5.1 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A vulnerability was determined in givanz Vvveb up to 1.0.7.3. This affects the function Import of the file admin/controller/tools/import.php of the component Raw SQL Handler. This manipulation causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. Patch name: 52204b4a106b2fb02d16eee06a88a1f2697f9b35. It is recommended to apply a patch to fix this issue.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
givanz / vvveb cpe:2.3:a:givanz:vvveb:*:*:*:*:*:*:*:*

References