CVE-2025-57792

CVE-2025-57792: SQL Injection Vulnerability in Explorance Blue

Vendor Explorance

Product Blue

Weakness CWE-89 · SQLi

Published January 28, 2026

Last update January 28, 2026

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Explorance Blue versions prior to 8.14.9 contain a SQL injection vulnerability caused by insufficient validation of user input in a web application endpoint. An attacker can supply crafted input that is executed as part of backend database queries. The issue is exploitable without authentication, significantly raising the risk.

Key dates

02Disclosure timeline

January 28, 2026 CVE published

January 28, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-57792

Related vulnerabilities

04Related CVE

CVE-2024-48040 WordPress Tainacan plugin <= 0.21.8 - SQL Injection vulnerability CVE-2026-9364 projectworlds Online Art Gallery Shop adminHome.php sql injection CVE-2024-5109 Campcodes Complete Web-Based School Management System student_payment_history.php sql injection CVE-2025-4506 Campcodes Online Food Ordering System menu-router.php sql injection CVE-2024-11009 Internal Linking for SEO traffic & Ranking – Auto internal links (100% automatic) <= 1.2.1 - Authenticated (Administrator+) SQL Injection via post_id Parameter