What the vulnerability does
01Description
In the PrepareCDExportJSON.pl service, the "getPerfServiceIds" function is vulnerable to SQL injection.
CVE-2025-30059
MEDIUM
CVE-2025-30059: Authenticated SQL injection in PrepareCDExportJSON.pl
CVSS base score
6.9/10
CVSS vector
CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Key dates
02Disclosure timeline
August 27, 2025
CVE published
August 27, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2024-2777 Campcodes/PHPGurukul Online Marriage Registration System application-bwdates-reports-details.php sql injection
CVE-2024-2714 Campcodes Complete Online DJ Booking System booking-bwdates-reports-details.php sql injection
CVE-2025-2675 PHPGurukul Bank Locker Management System add-lockertype.php sql injection
CVE-2025-10037 Featured Image from URL (FIFU) <= 5.2.7 - Authenticated (Admin+) SQL Injection
CVE-2023-48259
