CVE-2025-66260 | DB Electronica Telecomunicazioni Mozart FM Transmitter up to 7000 status_sql.php pg_escape_string sw1/sw2 sql injection

November 26, 2025 Yanac

A vulnerability categorized as critical has been discovered in DB Electronica Telecomunicazioni Mozart FM Transmitter up to 7000. Affected is the function pg_escape_string of the file status_sql.php. Such manipulation of the argument sw1/sw2 leads to sql injection.

This vulnerability is referenced as CVE-2025-66260. It is possible to launch the attack remotely. No exploit is available.VulDB Recent EntriesRead More