How severe is CVE-2025-0699?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.3 out of 10.

What type of vulnerability is CVE-2025-0699?

This is classified as CWE-74, which is a common weakness in software security.

CVE-2025-0699 - MEDIUM Severity | CVSS 6.3

Vulnerability Description

A vulnerability was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/sys/role/list. The manipulation of the argument sort leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.

Related Vulnerabilities

CVE-2016-2980

MEDIUM

CVSS:6.3(Medium)

The Sametime WebPlayer 8.5.2 and 9.0 is vulnerable to a script injection where a malicious site can inject their own script by exploiting a vulnerability in the way that the WebPlayer works. IBM X-For...

CWE-742016

CVE-2017-18389

MEDIUM

CVSS:6.3(Medium)

cPanel before 68.0.15 allows string format injection in dovecot-xaps-plugin (SEC-318).

CWE-742017

CVE-2017-20196

MEDIUM

CVSS:6.3(Medium)

A vulnerability was found in Itechscripts School Management Software 2.75. It has been classified as critical. This affects an unknown part of the file /notice-edit.php. The manipulation of the argume...

CWE-742017

CVE-2018-25106

MEDIUM

CVSS:6.3(Medium)

A vulnerability, which was classified as critical, has been found in webuidesigning NebulaX Theme up to 5.0 on WordPress. This issue affects the function nebula_send_to_hubspot of the file libs/Legacy...

CWE-742018

CVE-2019-10792

MEDIUM

CVSS:6.3(Medium)

bodymen before 1.1.1 is vulnerable to Prototype Pollution. The handler function could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload.

CWE-742019

CVE-2019-10793

MEDIUM

CVSS:6.3(Medium)

dot-object before 2.1.3 is vulnerable to Prototype Pollution. The set function could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload.

CWE-742019