CVE-2025-28969 – Cybio Gallery Widget SQL Injection

July 4, 2025

CVE ID : CVE-2025-28969

Published : July 4, 2025, 9:15 a.m. | 2 hours, 37 minutes ago

Description : Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in cybio Gallery Widget allows SQL Injection. This issue affects Gallery Widget: from n/a through 1.2.1.

Severity: 8.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-28971 – CWD Web Designer Easy Elements Hider Cross-site Scripting Vulnerability

Next Article CVE-2025-28967 – Steve Truman Contact People LITE SQL Injection

Mirantis reveals Lens Prism, an AI copilot for operating Kubernetes clusters

Avoid these common platform engineering mistakes

Full-Stack Techies vs Toptal: Which Is Better for React.js Outsourcing?

The AI productivity paradox in software engineering: Balancing efficiency and human skill retention

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Capcom reports that its Steam game sales have risen massively — despite flagship titles like Monster Hunter Wilds receiving profuse backlash from PC players

Cloudflare is fighting to safeguard “the future of the web itself” — standing directly in the way of leading AI firms

Microsoft reportedly lacks the know-how to fully leverage OpenAI’s tech — despite holding IP rights

PHP 8.5.0 Alpha 1 available for testing

PHP 8.5.0 Alpha 1 available for testing

Recording cross browser compatible media

Celebrating Perficient’s Third Databricks Champion

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Capcom reports that its Steam game sales have risen massively — despite flagship titles like Monster Hunter Wilds receiving profuse backlash from PC players

Cloudflare is fighting to safeguard “the future of the web itself” — standing directly in the way of leading AI firms

CVE-2025-28969 – Cybio Gallery Widget SQL Injection

CVE-2025-24748 – LambertGroup All In One Slider Responsive SQL Injection

CVE-2025-27358 – mndpsingh287 Frontend File Manager Basic XSS Vulnerability

CVE-2025-3670 – WordPress KiwiChat NextClient Stored Cross-Site Scripting

CVE-2025-2905 (CVSS 9.1): Critical XXE Vulnerability Found in WSO2 API Manager

CVE-2025-49509 – Roland Beaussant Audio Editor & Recorder Missing Authorization Vulnerability

CVE-2025-34022 – Selea Targa IP OCR-ANPR Path Traversal Vulnerability

TechLeadConf 2025 in September

CVE-2025-48915 – Drupal COOKiES Consent Management Cross-Site Scripting (XSS)

CVE-2025-0921 – Mitsubishi Electric GENESIS64/MC Works64 Symbolic Link Privilege Escalation Vulnerability

Arolyn Burns

CVE-2025-28969 – Cybio Gallery Widget SQL Injection

Related Posts