What is the CVSS score of CVE-2025-7714?

CVE-2025-7714 has a CVSS 3.1 base score of 7.5 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. EPSS exploitation probability: 0.1%.

Which versions of Content Management System are affected by CVE-2025-7714?

A SQL injection vulnerability in Global Interactive Design Media Software Inc. products could allow attackers to compromise data integrity and confidentiality if exploited.

How to fix or mitigate CVE-2025-7714?

Within 24 hours: Identify all systems running affected Global Interactive Design Media Software products and isolate them from untrusted networks if possible. Within 7 days: Implement Web Application Firewall (WAF) rules to block SQL injection attempts, apply input validation controls, and enable database activity monitoring. Within 30 days: Continue monitoring vendor communications for patch availability and prepare an expedited deployment plan once released.

Content Management System CVE-2025-7714

HIGH

SQL Injection (CWE-89)

2026-01-29 iletisim@usom.gov.tr

SQLi Content Management System

7.5

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 22:00 vuln.today

CVE Published

Jan 29, 2026 - 15:16 nvd

HIGH 7.5

DescriptionNVD

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Global Interactive Design Media Software Inc. Content Management System (CMS) allows Command Line Execution through SQL Injection.This issue affects Content Management System (CMS): through 21072025.

AnalysisAI

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Global Interactive Design Media Software Inc. [CVSS 7.5 HIGH]

Technical ContextAI

Classified as CWE-89 (SQL Injection). Affects Content Management System. Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Global Interactive Design Media Software Inc. Content Management System (CMS) allows Command Line Execution through SQL Injection.This issue affects Content Management System (CMS): through 21072025.

RemediationAI

Monitor vendor advisories for a patch. Use parameterized queries. Implement input validation. Restrict network access to the affected service where possible.

CVE-2025-7714 vulnerability details – vuln.today

Back

Content Management System CVE-2025-7714

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code