| Name | CVE-2025-41034 |
| Description | An SQL injection vulnerability has been found in appRain CMF 4.0.5. This vulnerability allows an attacker to retrieve, create, update, and delete the database, through theĀ 'data%5BPage%5D%5Bname%5D' parameter in /apprain/page/manage-static-pages/create/. |
| Source | CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
NOT-FOR-US: appRain CMF