CVE-2025-4541 – LmxCMS SQL Injection Vulnerability

May 11, 2025

CVE ID : CVE-2025-4541

Published : May 11, 2025, 4:15 p.m. | 4 hours, 14 minutes ago

Description : A vulnerability classified as critical has been found in LmxCMS 1.41. Affected is the function manageZt of the file cadminZtAction.class.php of the component POST Request Handler. The manipulation of the argument sortid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4542 – Freeebird Hotel Cross-Domain Policy Vulnerability

Next Article CVE-2025-4540 – MTSoftware C-Lodop Unquoted Search Path Vulnerability

tRPC vs GraphQL vs REST: Choosing the right API design for modern web applications

Jakarta EE 11 Platform launches with modernized Test Compatibility Kit framework

Can Good UX Protect Older Users From Digital Scams?

Warp 2.0 evolves terminal experience into an Agentic Development Environment

Microsoft Copilot secures a spot in classrooms as a “thought partner” — with Copilot Chat backed by OpenAI’s GPT-4o

OpenAI started as a “countervailing force” to Google — did Elon Musk and Sam Altman torpedo DeepMind’s plans to dictate AGI?

Gears of War: Reloaded preorders — where to buy and everything you need to know

OpenAI’s Sam Altman breaks silence on Microsoft feud with Satya Nadella — citing “points of tension” amid evolution plans

Are Semantic Layers Sexy Again? or The Rise and Fall and Rise of Semantic Layers

Are Semantic Layers Sexy Again? or The Rise and Fall and Rise of Semantic Layers

Salesforce Marketing Cloud Engagement vs. Oracle Eloqua

Exploring Lucidworks Fusion and Coveo Using Apache Solr

Microsoft Copilot secures a spot in classrooms as a “thought partner” — with Copilot Chat backed by OpenAI’s GPT-4o

Microsoft Copilot secures a spot in classrooms as a “thought partner” — with Copilot Chat backed by OpenAI’s GPT-4o

OpenAI started as a “countervailing force” to Google — did Elon Musk and Sam Altman torpedo DeepMind’s plans to dictate AGI?

Gears of War: Reloaded preorders — where to buy and everything you need to know

CVE-2025-4541 – LmxCMS SQL Injection Vulnerability

CVE-2025-36038: Critical RCE Vulnerability Discovered in IBM WebSphere Application Server

Cisco ISE Vulnerabilities June 2025

CVE-2025-48996 – HAX Penn State University Open-Apis Information Disclosure

6 Best Free and Open Source Linux Project Management Software

CVE-2025-29627 – KeeperChat Biometric Authentication Module Privilege Escalation Vulnerability

CVE-2025-5321 – Aimhubio Aim Remote Sandbox Bypass Vulnerability

Blockchain-Powered Digital Twins: Driving Efficiency & Innovation in Operations

How to Upgrade to Ubuntu 25.04 ‘Plucky Puffin’

How to Build Your Own Local AI: Create Free RAG and AI Agents with Qwen 3 and Ollama

Distribution Release: Ubuntu Studio 25.04

CVE-2025-4541 – LmxCMS SQL Injection Vulnerability

Related Posts