CVE-2025-8124 | deerwms deer-wms-2 up to 3.3 unallocatedList params[dataScope] sql injection (ICLRF0)

A vulnerability was found in deerwms deer-wms-2 up to 3.3. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /system/role/authUser/unallocatedList. The manipulation of the argument params[dataScope] leads to sql injection.

This vulnerability is known as CVE-2025-8124. The attack can be launched remotely. Furthermore, there is an exploit available.VulDB Recent EntriesRead More