ГлавнаяУязвимости → CVE-2025-25222
9.8критическая

CVE-2025-25222

Описание

The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5.3.3L (SQLite version) contains an SQL injection vulnerability in retrieve.php. If this vulnerability is exploited, information in a database may be deleted, altered, or retrieved.

Затрагиваемое ПО
Luxsoft Luxcal web calendar
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://jvn.jp/en/jp/JVN26024080/https://www.luxsoft.eu/?downloadhttps://www.luxsoft.eu/lcforum/viewtopic.php?pid=1984#p1984