CVE-2025-63724

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-63724
SQL injection (SQL-i) vulnerability in SVX Portal 2.7A via crafted POST request to admin/update_setings.php.

6.0 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 4.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact HIGH

Availability Impact LOW

Scope UNCHANGED

References
Link Resource
https://deepstrike.io/blog/sql-injection-in-svx-portal-v-2-7A
Configurations

No configuration.

History

14 Nov 2025, 20:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 6.0
CWE CWE-89

14 Nov 2025, 18:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-11-14 18:15

Updated : 2025-11-18 14:06

NVD link : CVE-2025-63724

Mitre link : CVE-2025-63724

CVE.ORG link : CVE-2025-63724

JSON object : View

Products Affected

No product.

CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')