N/A - CVE-2025-25228

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Informations
Name	CVE-2025-25228	First vendor Publication	2025-04-21
Vendor	Cve	Last vendor Modification	2025-05-28

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score	N/A	Attack Range	N/A
Cvss Impact Score	N/A	Attack Complexity	N/A
Cvss Expoit Score	N/A	Authentication	N/A
Calculate full CVSS 2.0 Vectors scores

Detail

A SQL injection in VirtueMart component 1.0.0 - 4.4.7 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands in the product management area in backend.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-25228

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-89	Improper Sanitization of Special Elements used in an SQL Command ('SQL Injection') (CWE/SANS Top 25)

CPE : Common Platform Enumeration

Type	Description	Count
Application	Virtuemart cpe:2.3:a:virtuemart:virtuemart:3.0.14:::::joomla!:: cpe:2.3:a:virtuemart:virtuemart:1.1:::::::* cpe:2.3:a:virtuemart:virtuemart:1.0.9:::::::* cpe:2.3:a:virtuemart:virtuemart:1.0.8:::::::* cpe:2.3:a:virtuemart:virtuemart:1.0.7:::::::* cpe:2.3:a:virtuemart:virtuemart:1.0.12:::::::* cpe:2.3:a:virtuemart:virtuemart:1.0.11:::::::* cpe:2.3:a:virtuemart:virtuemart:1.0.10:::::::* cpe:2.3:a:virtuemart:virtuemart:1.0.0:::::::* cpe:2.3:a:virtuemart:virtuemart:1.0:::::::* cpe:2.3:a:virtuemart:virtuemart::::::joomla!::*	11