CVE-2025-31928

Published May 16, 2025

Last updated 2 months ago

CVSS high 8.5

Overview

Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup Multimedia Responsive Carousel with Image Video Audio Support allows SQL Injection. This issue affects Multimedia Responsive Carousel with Image Video Audio Support: from n/a through 2.6.0.
Source
audit@patchstack.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
8.5
Impact score
4.7
Exploitability score
3.1
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
Severity
HIGH

Weaknesses

audit@patchstack.com
CWE-89

Social media

Hype score
Not currently trending

  1. [CVE-2025-31928: HIGH] SQL Injection vulnerability found in LambertGroup Multimedia Responsive Carousel with Image Video Audio Support allows attackers to execute malicious commands. Update to version 2.6.1 ...#cve,CVE-2025-31928,#cybersecurity https://t.co/PhkiYUBvsI https://t.c

    @CveFindCom

    16 May 2025

    22 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.