CVE-2025-15585

Fileflows versions before 25.05.2 are affected by an authenticated SQL injection vulnerability in the library-file search function. Successful exploitation requires the system to use MySQL as the underlying database and could result in privilege escalation or data exfiltration.

CVSS

No CVSS.

References

Link	Resource
https://fileflows.com/docs/versions#version-2505
https://projectblack.io/blog/fileflows-sql-injection-by-decompiling-net-code/#exploitation

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) Las versiones de Fileflows anteriores a la 25.05.2 están afectadas por una vulnerabilidad de inyección SQL autenticada en la función de búsqueda de archivos de la biblioteca. La explotación exitosa requiere que el sistema utilice MySQL como base de datos subyacente y podría resultar en escalada de privilegios o exfiltración de datos.

19 Feb 2026, 00:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-02-19 00:16

Updated : 2026-06-17 08:38

NVD link : CVE-2025-15585

Mitre link : CVE-2025-15585

CVE.ORG link : CVE-2025-15585

JSON object : View

Products Affected

No product.

CWE

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

{"id": "CVE-2025-15585", "cveTags": [], "metrics": {"ssvcV203": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "ssvcData": {"id": "CVE-2025-15585", "role": "CISA Coordinator", "options": [{"exploitation": "poc"}, {"automatable": "no"}, {"technicalImpact": "total"}], "version": "2.0.3", "timestamp": "2026-02-19T17:19:49.272466Z"}}], "cvssMetricV40": [{"type": "Secondary", "source": "ab69c47f-b95e-4bf2-b2d9-4b1fd1b24b4a", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.7, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "PROOF_OF_CONCEPT", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "affected": [{"source": "ab69c47f-b95e-4bf2-b2d9-4b1fd1b24b4a", "affectedData": [{"vendor": "fileflows", "product": "fileflows", "versions": [{"status": "affected", "version": "0", "lessThan": "25.05.2", "versionType": "custom"}], "defaultStatus": "unaffected"}]}], "published": "2026-02-19T00:16:21.053", "references": [{"url": "https://fileflows.com/docs/versions#version-2505", "source": "ab69c47f-b95e-4bf2-b2d9-4b1fd1b24b4a"}, {"url": "https://projectblack.io/blog/fileflows-sql-injection-by-decompiling-net-code/#exploitation", "source": "ab69c47f-b95e-4bf2-b2d9-4b1fd1b24b4a"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "ab69c47f-b95e-4bf2-b2d9-4b1fd1b24b4a", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "Fileflows versions before 25.05.2 are affected by an authenticated SQL injection vulnerability in the library-file search function. Successful exploitation requires the system to use MySQL as the underlying database and could result in privilege escalation or data exfiltration."}, {"lang": "es", "value": "Las versiones de Fileflows anteriores a la 25.05.2 est\u00e1n afectadas por una vulnerabilidad de inyecci\u00f3n SQL autenticada en la funci\u00f3n de b\u00fasqueda de archivos de la biblioteca. La explotaci\u00f3n exitosa requiere que el sistema utilice MySQL como base de datos subyacente y podr\u00eda resultar en escalada de privilegios o exfiltraci\u00f3n de datos."}], "lastModified": "2026-06-17T08:38:04.870", "sourceIdentifier": "ab69c47f-b95e-4bf2-b2d9-4b1fd1b24b4a"}