CVE-2025-11944

givanz Vvveb Raw SQL import.php import sql injection

Description

A vulnerability was determined in givanz Vvveb up to 1.0.7.3. This affects the function Import of the file admin/controller/tools/import.php of the component Raw SQL Handler. This manipulation causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. Patch name: 52204b4a106b2fb02d16eee06a88a1f2697f9b35. It is recommended to apply a patch to fix this issue.

INFO

Published Date :

2025-10-19T20:02:06.771Z

Last Modified :

2026-02-24T07:02:19.981Z

Source :

VulDB

AFFECTED PRODUCTS

The following products are affected by CVE-2025-11944 vulnerability.

Vendors	Products
Givanz	Vvveb
Vvveb	Vvveb

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-11944.

URL	Resource
https://github.com/givanz/Vvveb/
https://github.com/givanz/Vvveb/commit/52204b4a106b2fb02d16eee06a88a1f2697f9b35
https://github.com/givanz/Vvveb/issues/332
https://github.com/givanz/Vvveb/issues/332#issue-3505043543
https://vuldb.com/?ctiid.329024
https://vuldb.com/?id.329024
https://vuldb.com/?submit.673129

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact

Detailed values of each vector for above chart.

Access Vector

Access Complexity

Authentication

Confidentiality Impact

Integrity Impact

Availability Impact