Skip to main content

CVE-2025-50229

| EUVD-2025-209568 CRITICAL
SQL Injection (CWE-89)
2026-04-23 mitre
SQLi
9.8
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

5
Re-analysis Queued
Apr 24, 2026 - 19:22 vuln.today
cvss_changed
CVSS changed
Apr 24, 2026 - 19:22 NVD
9.8 (None) 9.8 (CRITICAL)
EUVD ID Assigned
Apr 23, 2026 - 16:00 euvd
EUVD-2025-209568
Analysis Generated
Apr 23, 2026 - 16:00 vuln.today
CVE Published
Apr 23, 2026 - 00:00 nvd
CRITICAL 9.8

DescriptionNVD

Jizhicms v2.5.4 is vulnerable to SQL injection in the product editing module.

Analysis

Jizhicms v2.5.4 is vulnerable to SQL injection in the product editing module.

Technical ContextAI

SQL injection occurs when user-supplied input is incorporated into SQL queries without proper sanitization or parameterized queries.

RemediationAI

Use parameterized queries or prepared statements. Apply input validation and escape special characters. Implement least-privilege database accounts.

Share

CVE-2025-50229 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy