Vulnerabilities

CVE-2025-15442 - CRMEB product_list sql injection

2026-01-04 0 views admin

CVE ID : CVE-2025-15442 Published : Jan. 4, 2026, 11:15 a.m. | 1 hour, 26 minutes ago Description : A vulnerability was determined in CRMEB up to 5.6.1. This vulnerability affects unknown code of the file /adminapi/export/product_list. This manipulation of the argument cate_id causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2025-15442

Severity

MEDIUM

Published

Jan. 4, 2026

Impact: sql injection

Source: Telegram CVE Monitor

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2025-15442medium

CVE-2025-15442 - CRMEB product_list sql injection

CVE Details

🏷️ Tags

More from Vulnerabilities

Essential Guide: CVE-2025-15458 - bg5sbk MiniCMS Article post-edit.php improper authentication

CVE-2025-14124 - Team < 5.0.11 - Unauthenticated SQLi

Latest: CVE-2025-15460 - UTT 进取 520W formPptpClientConfig strcpy buffer overflow

Report: CVE-2025-15459 - UTT 进取 520W formUser strcpy buffer overflow

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting