Home
Description
SQL Injection vulnerability in vran-dev databaseir v.1.0.7 and before allows a remote attacker to execute arbitrary code via the query parameter in the search API endpoint
References
github.com/vran-dev/databasir/issues/283
zeroday.endlessparadox.com/posts/cve-2025-66944/