CVE-2025-41005

Imaster's MEMS Events CRM contains an SQL injection vulnerability in‘keyword’ parameter in ‘/memsdemo/exchange_offers.php’.

CVSS

No CVSS.

References

Link	Resource
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-imaster-products

Configurations

No configuration.

History

12 Jan 2026, 15:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-01-12 15:16

Updated : 2026-01-13 14:03

NVD link : CVE-2025-41005

Mitre link : CVE-2025-41005

CVE.ORG link : CVE-2025-41005

JSON object : View

Products Affected

No product.

CWE

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')