SQL Injection Vulnerability in ITSourcecode Simple ChatBox by ITSourcecode
CVE-2025-25875

Currently unrated

Key Information:

Vendor
ITSourcecode
Status
Simple ChatBox
Vendor
CVE Published:
21 February 2025

Summary

A security vulnerability exists in the ITSourcecode Simple ChatBox up to version 1.0, specifically within the /message.php file. This vulnerability allows attackers to exploit SQL injection techniques, potentially leading to unauthorized access to sensitive data stored in the database. Malicious actors can manipulate queries, risking unencrypted data exposure, which poses a significant threat to user privacy and application integrity.

References

https://github.com/SticKManII/cve-poc/blob/main/chat-box/...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-25875 : SQL Injection Vulnerability in ITSourcecode Simple ChatBox by ITSourcecode | SecurityVulnerability.io