Vulnerabilities

CVE-2025-41032

by Fred · 04/09/2025

An SQL injection vulnerability has been found in appRain CMF 4.0.5. This vulnerability allows an attacker to retrieve, create, update, and delete the database, through the ‘data%5BAdmin%5D%5Busername%5D’ parameter in /apprain/admin/manage/add/.

More information : https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-apprain-cmf

Similar

Tags: Cybersecurity Alert