CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-66260

PostgreSQL SQL Injection (status_sql.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform SQL injection via sw1 and sw2 parameters in status_sql.php. The `status_sql.php` endpoint constructs SQL UPDATE queries by directly concatenating user-controlled `sw1` and `sw2` parameters without using parameterized queries or `pg_escape_string()`. While PostgreSQL's `pg_exec` limitations prevent stacked queries, attackers can inject subqueries for data exfiltration and leverage verbose error messages for reconnaissance.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 9.2%

CVSS Severity

CVSS v3 Score 6.5

References

https://www.abdulmhsblog.com/posts/webfmvulns/

Products affected by CVE-2025-66260

Dbbroadcast » Mozart Dds Next 1000 » Version: N/A

cpe:2.3:h:dbbroadcast:mozart_dds_next_1000:-
Dbbroadcast » Mozart Dds Next 100 » Version: N/A

cpe:2.3:h:dbbroadcast:mozart_dds_next_100:-
Dbbroadcast » Mozart Dds Next 2000 » Version: N/A

cpe:2.3:h:dbbroadcast:mozart_dds_next_2000:-
Dbbroadcast » Mozart Dds Next 3000 » Version: N/A

cpe:2.3:h:dbbroadcast:mozart_dds_next_3000:-
Dbbroadcast » Mozart Dds Next 300 » Version: N/A

cpe:2.3:h:dbbroadcast:mozart_dds_next_300:-
Dbbroadcast » Mozart Dds Next 30 » Version: N/A

cpe:2.3:h:dbbroadcast:mozart_dds_next_30:-
Dbbroadcast » Mozart Dds Next 3500 » Version: N/A

cpe:2.3:h:dbbroadcast:mozart_dds_next_3500:-
Dbbroadcast » Mozart Dds Next 500 » Version: N/A

cpe:2.3:h:dbbroadcast:mozart_dds_next_500:-
Dbbroadcast » Mozart Dds Next 50 » Version: N/A

cpe:2.3:h:dbbroadcast:mozart_dds_next_50:-
Dbbroadcast » Mozart Dds Next 6000 » Version: N/A

cpe:2.3:h:dbbroadcast:mozart_dds_next_6000:-
Dbbroadcast » Mozart Dds Next 7000 » Version: N/A

cpe:2.3:h:dbbroadcast:mozart_dds_next_7000:-
Dbbroadcast » Mozart Next 1000 » Version: N/A

cpe:2.3:h:dbbroadcast:mozart_next_1000:-
Dbbroadcast » Mozart Next 100 » Version: N/A

cpe:2.3:h:dbbroadcast:mozart_next_100:-
Dbbroadcast » Mozart Next 2000 » Version: N/A

cpe:2.3:h:dbbroadcast:mozart_next_2000:-
Dbbroadcast » Mozart Next 3000 » Version: N/A

cpe:2.3:h:dbbroadcast:mozart_next_3000:-
Dbbroadcast » Mozart Next 300 » Version: N/A

cpe:2.3:h:dbbroadcast:mozart_next_300:-
Dbbroadcast » Mozart Next 30 » Version: N/A

cpe:2.3:h:dbbroadcast:mozart_next_30:-
Dbbroadcast » Mozart Next 3500 » Version: N/A

cpe:2.3:h:dbbroadcast:mozart_next_3500:-
Dbbroadcast » Mozart Next 500 » Version: N/A

cpe:2.3:h:dbbroadcast:mozart_next_500:-
Dbbroadcast » Mozart Next 50 » Version: N/A

cpe:2.3:h:dbbroadcast:mozart_next_50:-
Dbbroadcast » Mozart Next 6000 » Version: N/A

cpe:2.3:h:dbbroadcast:mozart_next_6000:-
Dbbroadcast » Mozart Next 7000 » Version: N/A

cpe:2.3:h:dbbroadcast:mozart_next_7000:-
Dbbroadcast » Mozart Dds Next 1000 Firmware » Version: N/A

cpe:2.3:o:dbbroadcast:mozart_dds_next_1000_firmware:-
Dbbroadcast » Mozart Dds Next 100 Firmware » Version: N/A

cpe:2.3:o:dbbroadcast:mozart_dds_next_100_firmware:-
Dbbroadcast » Mozart Dds Next 2000 Firmware » Version: N/A

cpe:2.3:o:dbbroadcast:mozart_dds_next_2000_firmware:-
Dbbroadcast » Mozart Dds Next 3000 Firmware » Version: N/A

cpe:2.3:o:dbbroadcast:mozart_dds_next_3000_firmware:-
Dbbroadcast » Mozart Dds Next 300 Firmware » Version: N/A

cpe:2.3:o:dbbroadcast:mozart_dds_next_300_firmware:-
Dbbroadcast » Mozart Dds Next 30 Firmware » Version: N/A

cpe:2.3:o:dbbroadcast:mozart_dds_next_30_firmware:-
Dbbroadcast » Mozart Dds Next 3500 Firmware » Version: N/A

cpe:2.3:o:dbbroadcast:mozart_dds_next_3500_firmware:-
Dbbroadcast » Mozart Dds Next 500 Firmware » Version: N/A

cpe:2.3:o:dbbroadcast:mozart_dds_next_500_firmware:-
Dbbroadcast » Mozart Dds Next 50 Firmware » Version: N/A

cpe:2.3:o:dbbroadcast:mozart_dds_next_50_firmware:-
Dbbroadcast » Mozart Dds Next 6000 Firmware » Version: N/A

cpe:2.3:o:dbbroadcast:mozart_dds_next_6000_firmware:-
Dbbroadcast » Mozart Dds Next 7000 Firmware » Version: N/A

cpe:2.3:o:dbbroadcast:mozart_dds_next_7000_firmware:-
Dbbroadcast » Mozart Next 1000 Firmware » Version: N/A

cpe:2.3:o:dbbroadcast:mozart_next_1000_firmware:-
Dbbroadcast » Mozart Next 100 Firmware » Version: N/A

cpe:2.3:o:dbbroadcast:mozart_next_100_firmware:-
Dbbroadcast » Mozart Next 2000 Firmware » Version: N/A

cpe:2.3:o:dbbroadcast:mozart_next_2000_firmware:-
Dbbroadcast » Mozart Next 3000 Firmware » Version: N/A

cpe:2.3:o:dbbroadcast:mozart_next_3000_firmware:-
Dbbroadcast » Mozart Next 300 Firmware » Version: N/A

cpe:2.3:o:dbbroadcast:mozart_next_300_firmware:-
Dbbroadcast » Mozart Next 30 Firmware » Version: N/A

cpe:2.3:o:dbbroadcast:mozart_next_30_firmware:-
Dbbroadcast » Mozart Next 3500 Firmware » Version: N/A

cpe:2.3:o:dbbroadcast:mozart_next_3500_firmware:-
Dbbroadcast » Mozart Next 500 Firmware » Version: N/A

cpe:2.3:o:dbbroadcast:mozart_next_500_firmware:-
Dbbroadcast » Mozart Next 50 Firmware » Version: N/A

cpe:2.3:o:dbbroadcast:mozart_next_50_firmware:-
Dbbroadcast » Mozart Next 6000 Firmware » Version: N/A

cpe:2.3:o:dbbroadcast:mozart_next_6000_firmware:-
Dbbroadcast » Mozart Next 7000 Firmware » Version: N/A

cpe:2.3:o:dbbroadcast:mozart_next_7000_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-66260

Products

Pricing

Contact Us