CVE-2025-15585
Description
Fileflows versions before 25.05.2 are affected by an authenticated SQL injection vulnerability in the library-file search function. Successful exploitation requires the system to use MySQL as the underlying database and could result in privilege escalation or data exfiltration.
Technical Context
Classified as CWE-89 (SQL Injection). Affects the library-file search component of Fileflows.
Affected Products
Product: Fileflows. Versions: before 25.05.2. Component: library-file search.
Remediation
Monitor vendor advisories for a patch. Use parameterized queries. Implement input validation.