CVE-2025-0698

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Published Jan 24, 2025

CWE ID 74

CWE ID 89

Summary

CVE-2025-0698 is a critical vulnerability affecting the JoeyBling bootplus software up to the version 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. This issue lies within an unknown function of the /admin/sys/menu/list file and can be exploited through sql injection by manipulating the sort/order argument. The attack can be launched remotely, and the exploit has been made public. The product utilizes continuous delivery with rolling releases, making it difficult to determine which versions are affected or if updated releases are available.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2vzZ3s
https://www.cve.org/CVERecord?id=CVE-2025-0698
https://nvd.nist.gov/vuln/detail/CVE-2025-0698

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Stimmen aus Moskau: Russian Influence Operations Target German Elections

2024 Malicious Infrastructure Report

2024 Annual Report

Know What Matters

For Customers

For Partners

CVE-2025-0698

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations