PT-2025-9324 · 101News · 101News

Rafael Pedrero

Published

2025-03-03

Updated

2025-03-06

CVE-2025-1875

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions 101news versions 1.0

Description A SQL injection issue has been found, affecting the searchtitle parameter in the "search.php" endpoint.

Recommendations For version 1.0, avoid using the searchtitle parameter in the "search.php" endpoint until the issue is resolved.

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

CVE-2025-1875

101News