CVE-2025-1872

CWE-89SQL InjectionCWE-416Use After Free4 documents4 sources
Severity
9.3CRITICAL
EPSS
0.1%
top 79.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Mayuri K 101newsMayurik Best Online News Portal
Timeline
PublishedMar 3

Description

SQL injection vulnerability have been found in 101news affecting version 1.0 through the "sadminusername" parameter in admin/add-subadmins.php.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

CVEListV5mayuri_k/101news1.0

🔴Vulnerability Details

2
GHSA
GHSA-rq8c-97x5-hqj8: SQL injection vulnerability have been found in 101news affecting version 12025-03-03
CVEList
SQL injection vulnerability in 101news2025-03-03

📋Vendor Advisories

1
Microsoft
Use-after-free in Linux kernel's io_uring subsystem2023-04-11
CVE-2025-1872 (CRITICAL CVSS 9.3) | SQL injection vulnerability have be | cvebase.io