exploitDog

CVE-2025-63608

Опубликовано: 30 окт. 2025

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

A SQL injection vulnerability exists in CSZ-CMS <=1.3.0 in the Form Builder view functionality. The vulnerability is located in the field parameter of the form viewing feature, allowing authenticated administrators to execute arbitrary SQL queries.

Ссылки

https://github.com/Huu1j/CSZ_CMS-exploit/blob/main/csz-cms-vulnerability-analysis.md

EPSS

Процентиль: 8%

0.00031

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-89

Связанные уязвимости

GHSA-2326-jr9x-m329

CVSS3: 6.5

github

6 дней назад

A SQL injection vulnerability exists in CSZ-CMS <=1.3.0 in the Form Builder view functionality. The vulnerability is located in the field parameter of the form viewing feature, allowing authenticated administrators to execute arbitrary SQL queries.

EPSS

Процентиль: 8%

0.00031

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-89