CNNVD-202510-2803 Information

CNNVD ID

CNNVD-202510-2803

Related CVE

CVE-2025-62617

• CNNVD Published: 2025-10-22

Description (Chinese)

Admidio是Admidio团队的一套开源的成员管理系统。该系统支持成员列表、事件管理、留言簿、相册和下载等功能。 Admidio 4.3.17之前版本存在SQL注入漏洞，该漏洞源于成员分配数据检索功能存在SQL注入，可能导致数据库完全破解。

Description (English)

Admimidio is an open-source member management system for the Admimidio team. The system supports members ’ lists, event management, message books, albums and downloads. The previous version of Admimidio 4.3.17 had an injection loophole in SQL, which stemmed from the SQL injection of the member distribution data retrieval function, which could lead to a complete breakdown of the database.

Hazard Level

High

Vulnerability Type

SQL注入

Affected Vendor

Admidio

Published

2025-10-22

Last Modified

2026-02-24

References

https://github.com/Admidio/admidio/security/advisories/GHSA-2v5m-cq9w-fc33 https://github.com/Admidio/admidio/commit/fde81ae869e88a3cf42201f2548d57df785a37cb https://access.redhat.com/security/cve/cve-2025-62617

Patch

https://www.admidio.org/