ГлавнаяУязвимости → CVE-2025-25221
9.8критическая

CVE-2025-25221

Описание

The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5.3.3L (SQLite version) contains an SQL injection vulnerability in pdf.php. If this vulnerability is exploited, information in a database may be deleted, altered, or retrieved.

Затрагиваемое ПО
Luxsoft Luxcal web calendar
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://jvn.jp/en/jp/JVN26024080/https://www.luxsoft.eu/?downloadhttps://www.luxsoft.eu/lcforum/viewtopic.php?pid=1984#p1984