VYPR

CVE 2025 56450

by Apboss123

Source repositories

CVEs (1)

  • CVE-2025-56450MedOct 21, 2025
    risk 0.42cvss 6.5epss 0.00

    Log2Space Subscriber Management Software 1.1 is vulnerable to unauthenticated SQL injection via the `lead_id` parameter in the `/l2s/api/selfcareLeadHistory` endpoint. A remote attacker can exploit this by sending a specially crafted POST request, resulting in the execution of…