CVE-2025-25222 Information

Description

The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5.3.3L (SQLite version) contains an SQL injection vulnerability in retrieve.php. If this vulnerability is exploited information in a database may be deleted altered or retrieved.

Reference

https://jvn.jp/en/jp/JVN26024080/ https://www.luxsoft.eu/?download https://www.luxsoft.eu/lcforum/viewtopic.php?pid=1984#p1984