CVE-2025-41032
SQL injection vulnerability in appRain CMF
An SQL injection vulnerability has been found in appRain CMF 4.0.5. This vulnerability allows an attacker to retrieve, create, update, and delete the database, through the 'data%5BAdmin%5D%5Busername%5D' parameter in /apprain/admin/manage/add/.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Produtos afetados
appRain · appRain CMFQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →