PT-2025-4640 · Storeapps · Storeapps Smart Manager

Webula

Published

2025-01-21

Updated

2025-01-21

CVE-2025-22710

CVSS v3.1

7.6

High

Vector

AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L

The StoreApps Smart Manager is affected by an improper neutralization of special elements used in an SQL command, also known as SQL Injection, which allows Blind SQL Injection. This issue exists in versions from unknown up to 8.52.0. An exploit for this issue is available, which can be used to exploit the improper neutralization of special elements used in an SQL command, more information about the exploit can be found at https://t.co/2zgZKBceMd or https://t.co/BG6DMpSHNb. The vulnerable software is StoreApps Smart Manager, with affected versions being from unknown to 8.52.0. #StoreApps #SmartManager #SQLInjection #BlindSQLInjection #Exploit

Exploit

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2025-22710

Affected Products

Storeapps Smart Manager

PT-2025-4640 · Storeapps · Storeapps Smart Manager

CVE-2025-22710

Weakness Enumeration

Related Identifiers

Affected Products

References · 9