Vulnerabilities

CVE-2025-40639 - SQL injection in Eventobot

2026-03-09 0 views admin

CVE ID :CVE-2025-40639 Published : March 9, 2026, 10:16 a.m. | 2 hours, 11 minutes ago Description :A SQL injection vulnerability has been found in Eventobot. This vulnerability allows an attacker to retrieve, create, update and delete databases through the 'promo_send' parameter in the '/assets/php/calculate_discount.php'. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2025-40639

Severity

HIGH

Published

March 9, 2026

Affected Product: php

Impact: SQL injection

🏷️ Tags

40639injectioneventobotpublishedminutesdescriptionvulnerabilityallowscvesql injection

InfinitSec - Latest Cybersecurity, Technology & Gaming News

CVE-2025-40639 - SQL injection in Eventobot

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: CVE-2026-7027 - D-Link DSL-2740R Wireless Setup Section cross site scripting - Analysis

Report: CVE-2026-7025 - Typecho Ping Back Service Endpoint Service.php sendPingHandle server-side request

Report: CVE-2026-7026 - D-Link DGS-3420 System Information Settings cross site scripting

Report: CVE-2026-7028 - CodeAstro Online Job Portal All Jobs delete-jobs.php sql injection - Guide

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting