PT-2025-29731 · Yaysmtp · Yaysmtp

Lê Quốc Bảo

·

Published

2025-07-16

·

Updated

2025-07-16

·

CVE-2025-48301

CVSS v3.1
7.6
VectorAV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L

Name of the Vulnerable Software and Affected Versions:

YaySMTP versions n/a through 1.5

Description:

YaySMTP contains a SQL injection flaw. The flaw is due to improper neutralization of special elements used in an SQL command.

Recommendations:

Versions prior to 1.6 are affected.

Fix

SQL injection

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2025-48301

Affected Products

Yaysmtp