CVE-2025-1116 Dreamvention Live AJAX Search Free live_search.searchresults search sql injection

🗓️ 08 Feb 2025 12:00:15Reported by VulDBType

Critical SQL injection vulnerability in Dreamvention Live AJAX Search allows remote exploit.

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2025-1116	8 Feb 202512:04	–	circl
CNNVD	Dreamvention Live AJAX Search Free 注入漏洞	8 Feb 202500:00	–	cnnvd
CVE	CVE-2025-1116	8 Feb 202512:00	–	cve
EUVD	EUVD-2025-2014	3 Oct 202520:07	–	euvd
NVD	CVE-2025-1116	8 Feb 202512:15	–	nvd
Positive Technologies	PT-2025-6017 · Dreamvention · Dreamvention Live Ajax Search	8 Feb 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-1116	7 Jan 202609:17	–	redhatcve
Vulnrichment	CVE-2025-1116 Dreamvention Live AJAX Search Free live_search.searchresults search sql injection	8 Feb 202512:00	–	vulnrichment

[
  {
    "vendor": "Dreamvention",
    "product": "Live AJAX Search Free",
    "versions": [
      {
        "version": "1.0.0",
        "status": "affected"
      },
      {
        "version": "1.0.1",
        "status": "affected"
      },
      {
        "version": "1.0.2",
        "status": "affected"
      },
      {
        "version": "1.0.3",
        "status": "affected"
      },
      {
        "version": "1.0.4",
        "status": "affected"
      },
      {
        "version": "1.0.5",
        "status": "affected"
      },
      {
        "version": "1.0.6",
        "status": "affected"
      }
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
gist	www.gist.github.com/mcdruid/d6a41cfebd9e10e63a8c698d3a8ad771
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/

08 Feb 2025 12:00Current

CVSS 46.9

CVSS 3.17.3

CVSS 37.3

CVSS 27.5

EPSS0.00362