CVE-2025-14694 | ketr JEPaaS up to 7.2.8 readAllPostil keyWord sql injection

A vulnerability was found in ketr JEPaaS up to 7.2.8. It has been classified as critical. This impacts the function readAllPostil of the file /je/postil/postil/readAllPostil. Performing manipulation of the argument keyWord results in sql injection.

This vulnerability is identified as CVE-2025-14694. The attack can be initiated remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More