Vulnerability Details CVE-2025-25181
A SQL injection vulnerability in timeoutWarning.asp in Advantive VeraCore through 2025.1.0 allows remote attackers to execute arbitrary SQL commands via the PmSess1 parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.21
EPSS Ranking 95.3%
CVSS Severity
CVSS v3 Score 5.8
Proposed Action
Advantive VeraCore contains a SQL injection vulnerability in timeoutWarning.asp that allows a remote attacker to execute arbitrary SQL commands via the PmSess1 parameter.
Ransomware Campaign
Unknown
References
Products affected by CVE-2025-25181
-
cpe:2.3:a:advantive:veracore:-
-
cpe:2.3:a:advantive:veracore:2024.2.0
-
cpe:2.3:a:advantive:veracore:2024.3.1
-
cpe:2.3:a:advantive:veracore:2024.3.2
-
cpe:2.3:a:advantive:veracore:2024.3.3
-
cpe:2.3:a:advantive:veracore:2024.3.4
-
cpe:2.3:a:advantive:veracore:2024.4.1
-
cpe:2.3:a:advantive:veracore:2024.4.2
-
cpe:2.3:a:advantive:veracore:2024.4.2.1
-
cpe:2.3:a:advantive:veracore:2025.1.0