CVE-2025-11944

CVSS v2.0

5.8

Vector

AV:N/AC:L/Au:M/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions givanz Vvveb versions up to 1.0.7.3

Description A flaw exists in givanz Vvveb that allows for SQL injection. This issue is related to the

Import

function within the

admin/controller/tools/import.php

file of the Raw SQL Handler component. The attack can be initiated remotely. The exploit has been publicly disclosed.

Recommendations Apply patch 52204b4a106b2fb02d16eee06a88a1f2697f9b35 to resolve this issue.

Exploit

Fix

SQL injection

Special Elements Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

CVE-2025-11944

Givanz Vvveb