SQL Injection Vulnerability in daicuocms by daicuocms
CVE-2025-61194

Currently unrated

Key Information:

Vendor: daicuocms
Status: daicuocms
Vendor: CVE Published:; 21 October 2025

What is CVE-2025-61194?

The daicuocms content management system version 1.3.13 is vulnerable to SQL injection through the library\think\db\Builder.php file. This vulnerability allows attackers to manipulate queries executed by the database, potentially leading to unauthorized access, data breaches, and manipulation of database contents. It is essential for users of affected versions to apply security measures and updates to mitigate risks.

References

https://github.com/wzy-most/zeyu-Wang/blob/main/sql/readm...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 21, 2025
Vulnerability Reserved
Sep 26, 2025

JSON