CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-25222

The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5.3.3L (SQLite version) contains an SQL injection vulnerability in retrieve.php. If this vulnerability is exploited, information in a database may be deleted, altered, or retrieved.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 11.4%

CVSS Severity

CVSS v3 Score 7.3

References

https://jvn.jp/en/jp/JVN26024080/
https://www.luxsoft.eu/?download
https://www.luxsoft.eu/lcforum/viewtopic.php?pid=1984#p1984

Products affected by CVE-2025-25222

Luxsoft » Luxcal Web Calendar » Version: 5.2.4l

cpe:2.3:a:luxsoft:luxcal_web_calendar:5.2.4l
Luxsoft » Luxcal Web Calendar » Version: 5.2.4m

cpe:2.3:a:luxsoft:luxcal_web_calendar:5.2.4m

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-25222

Products

Pricing

Contact Us