THREATOPS
THREAT OPSCVEs › CVE-2025-25181

CVE-2025-25181 — Advantive VeraCore SQL Injection Vulnerability

CISA KEVExploited: confirmedAdvantive

Advantive VeraCore contains a SQL injection vulnerability in timeoutWarning.asp that allows a remote attacker to execute arbitrary SQL commands via the PmSess1 parameter.

Vulnerability details