CVE-2025-10399 | Korzh EasyQuery up to 7.4.0 Query Builder UI fetch sql injection

A vulnerability classified as critical has been found in Korzh EasyQuery up to 7.4.0. This issue affects some unknown processing of the file /api/easyquery/models/nwind/fetch of the component Query Builder UI. This manipulation causes sql injection.

This vulnerability appears as CVE-2025-10399. The attack may be initiated remotely. In addition, an exploit is available.VulDB Recent EntriesRead More