PT-2025-29725 · Yaysmtp · Yaysmtp

Lê Quốc Bảo

Published

2025-07-16

Updated

2025-07-21

CVE-2025-48161

CVSS v3.1

7.6

High

Vector

AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L

Name of the Vulnerable Software and Affected Versions YaySMTP versions n/a through 1.3

Description YaySMTP is susceptible to a SQL injection flaw due to improper neutralization of special elements within SQL commands. This issue could allow for unauthorized database access or modification.

Recommendations Versions prior to 1.4 are affected.

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2025-48161

Affected Products

Yaysmtp

PT-2025-29725 · Yaysmtp · Yaysmtp

CVE-2025-48161

Weakness Enumeration

Related Identifiers

Affected Products

References · 6