Critical severity9.8NVD Advisory· Published Feb 18, 2025· Updated Jun 17, 2026
CVE-2025-25221
CVE-2025-25221
Description
The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5.3.3L (SQLite version) contains an SQL injection vulnerability in pdf.php. If this vulnerability is exploited, information in a database may be deleted, altered, or retrieved.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: <5.3.3M (MySQL), <5.3.3L (SQLite)
<5.3.3M (MySQL), <5.3.3L (SQLite)+ 1 more
- (no CPE)range: <5.3.3M (MySQL), <5.3.3L (SQLite)
- (no CPE)range: prior to 5.3.3L (SQLite version)
Patches
Vulnerability mechanics
References
3- jvn.jp/en/jp/JVN26024080/nvdThird Party Advisory
- www.luxsoft.eunvdProduct
- www.luxsoft.eu/lcforum/viewtopic.phpnvdRelease Notes
News mentions
0No linked articles in our index yet.