- Description
- A SQL injection vulnerability in timeoutWarning.asp in Advantive VeraCore through 2025.1.0 allows remote attackers to execute arbitrary SQL commands via the PmSess1 parameter.
- Source
- cve@mitre.org
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 5.8
- Impact score
- 1.4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
- Severity
- MEDIUM
- cve@mitre.org
- CWE-89
- Hype score
- Not currently trending
🏴☠️ El GrupoXE sería el responsable de explotar dos vulnerabilidades de día cero en la plataforma de gestión de almacenes de VeraCore, CVE-2025-25181 y CVE-2025-57968, con un conjunto de shells inversos y web shells. 🧉 https://t.co/QdNQ1rjUQ1
@MarquisioX
16 Feb 2025
41 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 ALERT: XE Group exploits VeraCore Zero-Day vulnerabilities (CVE-2024-57968 & CVE-2025-25181) to deploy persistent web shells! 🚀 🔴 Organizations must update to version 2024.4.2.1+ ASAP! 🔍 Stay vigilant: Monitor file uploads, enforce strict access controls & deploy W
@AekzIndia
10 Feb 2025
12 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
New post from https://t.co/uXvPWJy6tj (CVE-2025-25181 | Advantive VeraCore up to 2025.1.0 timeoutWarning.asp PmSess1 sql injection) has been published on https://t.co/G0VtDhPQCw
@WolfgangSesin
6 Feb 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE Alert: Advantive VeraCore SQL injection Zero-day Vulnerability Exploited In the Wild 🚨 Vulnerability Details: CVE-2025-25181 (CVSS 5.8/10) Advantive VeraCore SQL injection Vulnerability Impact: A Successful exploit may allow a remote attacker to read, delete, modify… ht
@CyberxtronTech
6 Feb 2025
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 SQL Injection Alert: CVE-2025-25181 🚨 Hey tech enthusiasts! 🌐🔒 A new vulnerability in Adventive Vera Core's timeoutWarning.asp is here, allowing remote SQL command execution via the PmSess1 parameter. Stay informed and secure! 📚🔍 . #ahmedmansourcsofficia #sqlinjection
@CsAhmedmansour
4 Feb 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-25181 SQL Injection in Advantive VeraCore timeoutWarning.asp Enables Remote SQL Command Execution https://t.co/21Kv2V9UaU
@VulmonFeeds
4 Feb 2025
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-25181 A SQL injection vulnerability in timeoutWarning.asp in Advantive VeraCore through 2025.1.0 allows remote attackers to execute arbitrary SQL commands via the PmSess1 p… https://t.co/YXNknKiYOO
@CVEnew
3 Feb 2025
429 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes