CVE 5.3 MEDIUM

deerwms deer-wms-2 edit sql injection_CVE-2025-8123

August 14, 2025 invoker category_cve
5.3 / 10
MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was found in deerwms deer-wms-2 up to 3.3. It has been classified as critical. Affected is an unknown function of the file /system/dept/edit. The manipulation of the argument ancestors leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Basic Information

ID CVE-2025-8123
Source VulDB
Published Jul 24, 2025 at 21:02
Modified Jul 25, 2025 at 13:33

Affected Product

Vendor deerwms
Product deer-wms-2
Version 3.0
Affected Versions deerwms deer-wms-2 3.0
deerwms deer-wms-2 3.1
deerwms deer-wms-2 3.2
deerwms deer-wms-2 3.3

CWE Classification

CWE-89 CWE-74

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.