Saurus CMS Community Edition since commit d886e5b0 (2010-04-23) is vulnerable to SQL injection in the `prepareSearchQuery()` method in `FulltextSearch.class.php`. The application concatenates user-supplied input (`$search_word`) directly into SQL queries without sanitization, allowing attackers to manipulate the SQL logic and potentially extract sensitive information or escalate their privileges.
Reserved 2025-06-16 | Published 2025-08-01 | Updated 2025-08-01 | Assigner mitre
github.com/...81c720cd9de6b/classes/FulltextSearch.class.php
github.com/...erability-research/blob/main/CVE-2025-52390.md