CVE-2025-14245 | IdeaCMS up to 1.8 Coupon.php whereRaw params sql injection

December 8, 2025 Yanac

A vulnerability classified as critical was found in IdeaCMS up to 1.8. This affects the function whereRaw of the file app/common/logic/index/Coupon.php. Such manipulation of the argument params leads to sql injection.

This vulnerability is traded as CVE-2025-14245. The attack may be launched remotely. Furthermore, there is an exploit available.VulDB Recent EntriesRead More

CVE-2025-14246 | code-projects Simple Shopping Cart 1.0 /Customers/settings.php user_id sql injection
CVE-2025-14244 | GreenCMS 2.3.0603 Menu Management Page CustomController.class.php Link cross site scripting