2 matches found
CVE-2025-7385 SQL Injection in GOV CMS
Input from search query parameter in GOV CMS is not sanitized properly, leading to a Blind SQL injection vulnerability, which might be exploited by an unauthenticated remote attacker. Versions 4.0 and above are not affected...
PT-2025-35937
Name of the Vulnerable Software and Affected Versions: GOV CMS versions prior to 4.0 Description: The input from the search query parameter in GOV CMS is not properly sanitized, leading to a Blind SQL injection. This could be exploited by an unauthenticated remote attacker. Recommendations: Ensur...