CVE-2025-28057

owl-admin v3.2.2~ to v4.10.2 is vulnerable to SQL Injection in /admin-api/system/admin_menus/save_order.
Configurations

Configuration 1 (hide)

cpe:2.3:a:owladmin:owl_admin:*:*:*:*:*:*:*:*

History

09 Jul 2025, 02:09

Type Values Removed Values Added
New CVE

Information

Published : 2025-05-13 15:15

Updated : 2025-07-09 02:09


NVD link : CVE-2025-28057

Mitre link : CVE-2025-28057

CVE.ORG link : CVE-2025-28057


JSON object : View

Products Affected

owladmin

  • owl_admin
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')