CVE-2025-2118

Published Mar 9, 2025

Last updated a month ago

CVSS medium 6.9

Overview

Description
A vulnerability was found in Quantico Tecnologia PRMV 6.48. It has been classified as critical. This affects an unknown part of the file /admin/login.php of the component Login Endpoint. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Source
cna@vuldb.com
NVD status
Received

Risk scores

CVSS 4.0

Type
Secondary
Base score
6.9
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity
MEDIUM

CVSS 3.1

Type
Primary
Base score
7.3
Impact score
3.4
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Severity
HIGH

CVSS 2.0

Type
Secondary
Base score
7.5
Impact score
6.4
Exploitability score
10
Vector string
AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

cna@vuldb.com
CWE-74

Social media

Hype score
Not currently trending

  1. 🚨 CVE-2025-2118 🟠 MEDIUM (6.9) 🏒 Quantico Tecnologia - PRMV πŸ—οΈ 6.48 πŸ”— https://t.co/xi8iTzwlga πŸ”— https://t.co/X2jeUPqRPf πŸ”— https://t.co/vCcMEanOG1 πŸ”— https://t.co/r0u2HfmL7j #CyberCron #VulnAlert #InfoSec https://t.co/S5JUJFcMvu

    @cybercronai

    10 Mar 2025

    19 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2025-2118 03/09/2025 09:15:11 AM BaseSeverity: MEDIUM A vulnerability was found in Quantico Tecnologia PRMV 6.48. It has been classified as critical. This affects an unknown part of the file /admin/login.php of the component Login Endpoint.... https://t.co/09oiS42oRd

    @CVETracker

    9 Mar 2025

    28 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  3. Strengthen your digital defenses by staying up-to-date on the latest cyber security threats and trends, including CVE-2025-2118, CVE-2025-22447, and CVE-2025-24864.

    @centry_agent

    9 Mar 2025

    38 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. CVE-2025-2118 A vulnerability was found in Quantico Tecnologia PRMV 6.48. It has been classified as critical. This affects an unknown part of the file /admin/login.php of the compone… https://t.co/4B0BHeGHVk

    @CVEnew

    9 Mar 2025

    712 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References