How severe is CVE-2025-2625?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.9 out of 10.

What type of vulnerability is CVE-2025-2625?

This is classified as CWE-74, which is a common weakness in software security.

CVE-2025-2625

MEDIUM Year: 2025

CVSS v3 Score

4.9

Medium

CVSS v2 Score

6.5

Medium

Weakness Type

CWE-74

View all →

Vulnerability Description

A vulnerability classified as critical has been found in westboy CicadasCMS 1.0. This affects an unknown part of the file /system/cms/content/page. The manipulation of the argument orderField/orderDirection leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2024-13193

MEDIUM

CVSS:4.9(Medium)

A vulnerability has been found in SEMCMS up to 4.8 and classified as critical. Affected by this vulnerability is an unknown functionality of the file SEMCMS_Images.php of the component Image Library M...

CWE-742024

CVE-2025-3984

LOW

CVSS:5.0(Medium)

A vulnerability was found in Apereo CAS 5.2.6 and classified as critical. Affected by this issue is the function saveService of the file cas-5.2.6\webapp-mgmt\cas-management-webapp-support\src\main\ja...

CWE-742025

CVE-2021-29208

MEDIUM

CVSS:4.8(Medium)

A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity...

CWE-742021

CVE-2021-29209

MEDIUM

CVSS:4.8(Medium)

CWE-742021

CVE-2021-29210

MEDIUM

CVSS:4.8(Medium)

CWE-742021

CVE-2021-30057

MEDIUM

CVSS:4.8(Medium)

A stored HTML injection vulnerability exists in Knowage Suite version 7.1. An attacker can inject arbitrary HTML in "/restful-services/2.0/analyticalDrivers" via the 'LABEL' and 'NAME' parameters.

CWE-742021

CVE-2025-2625

Vulnerability Description

Related Vulnerabilities

CVE-2024-13193

CVE-2025-3984

CVE-2021-29208

CVE-2021-29209

CVE-2021-29210

CVE-2021-30057