VYPR
High severity8.2NVD Advisory· Published May 30, 2026· Updated Jun 1, 2026

CVE-2018-25425

CVE-2018-25425

Description

Yot CMS 3.3.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid and cid parameters. Attackers can send GET requests to index.php with crafted SQL payloads in the aid or cid parameters to extract database information including table and column names.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1
  • Yot/Yotllm-create
    Range: =3.3.1

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.