PT-2025-53657 · Phpok3W · Phpok3W
Formanagain
·
Published
2025-12-28
·
Updated
2026-01-02
·
CVE-2025-15142
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
9786 phpok3w versions prior to 901d96a06809fb28b17f3a4362c59e70411c933c
Description
A flaw exists in 9786 phpok3w. The issue is related to the manipulation of the
ID argument, which can lead to SQL injection within the show.php file. The attack can be initiated remotely. The project was notified of the issue but has not yet responded.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Special Elements Injection
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Phpok3W