CVE-2025-10122
BaseFortify
Publication date: 2025-09-09
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| maccms | maccms | 10.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-10122 is a SQL injection vulnerability in Maccms10 version 2025.1000.4050, specifically in the function 'rep' within the file application/admin/controller/Database.php. The vulnerability occurs because the 'where' argument is not properly sanitized, allowing an attacker with authenticated access to manipulate SQL queries. This can lead to unauthorized access or modification of the database. The exploit can be initiated remotely and a public proof-of-concept is available. [1, 2]
How can this vulnerability impact me? :
This vulnerability can impact you by compromising the confidentiality, integrity, and availability of your system's data. An attacker with authenticated access can execute arbitrary SQL commands, potentially leading to unauthorized data disclosure, data modification, or disruption of service. Since the exploit is publicly available and can be triggered remotely, it poses a moderate security risk. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by searching for the vulnerable endpoint using Google dorking with queries such as `inurl:application/admin/controller/Database.php`. Additionally, monitoring for unusual SQL queries or attempts to manipulate the 'where' parameter in the 'rep' function could indicate exploitation attempts. Since the vulnerability requires authentication, reviewing logs for suspicious authenticated requests targeting this function is recommended. Specific commands are not provided, but using web application scanners or custom scripts to test SQL injection on the 'where' parameter in the specified file could help detect the issue. [1]
What immediate steps should I take to mitigate this vulnerability?
No known mitigations or countermeasures have been published for this vulnerability. The suggested immediate step is to replace the affected component or product with an alternative that is not vulnerable. Additionally, restricting access to the vulnerable endpoint and monitoring for exploitation attempts can help reduce risk until a patch or fix is available. [1]