CVE-2025-10122 MEDIUM

CVE-2025-10122: Maccms10 Database.php rep sql injection

Vendor N/A

Product Maccms10

Weakness CWE-89 · SQLi

Published September 9, 2025

Last update September 9, 2025

View on NVD All CVEs

CVSS base score

5.1/10

Attack vector Network

Attack complexity Low

Privileges required High

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

What the vulnerability does

01Description

A vulnerability was found in Maccms10 2025.1000.4050. Affected is the function rep of the file application/admin/controller/Database.php. Performing manipulation of the argument where results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used.

Key dates

02Disclosure timeline

September 9, 2025 CVE published

September 9, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-10122

Related vulnerabilities

04Related CVE

CVE-2024-28107 phpMyFAQ SQL injections at insertentry & saveentry CVE-2025-62177 WeGIA vulnerable to SQL Injection via 'id_funcionario' param at endpoint `/html/funcionario/dependente_listar.php` CVE-2024-43776 Huachu Easytest Online Learning Test Platform - SQL Injection CVE-2025-11348 Campcodes Online Apartment Visitor Management System index.php sql injection CVE-2025-6276 Brilliance Golden Link Secondary System rentTakeInfoPage.htm sql injection