3 matches found
CVE-2025-41032
An SQL injection vulnerability has been found in appRain CMF 4.0.5. This vulnerability allows an attacker to retrieve, create, update, and delete the database, through the 'data%5BAdmin%5D%5Busername%5D' parameter in /apprain/admin/manage/add/...
CVE-2025-41032
The CVE-2025-41032 entry concerns appRain CMF 4.0.5 with an SQL injection vulnerability in the parameter data[Admin][username] of the /apprain/admin/manage/add/ endpoint. Reported to allow an attacker to retrieve, create, update, and delete data in the back-end database. The vulnerability is desc...
appRain CMF SQL注入漏洞
appRain CMF is a content management framework. appRain CMF suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the data%5BAdmin%5D%5Busername%5D parameter of /apprain/admin/manage/add. An attacker could use this vulnerability t...