CVE-2025-32148

Published Apr 4, 2025

Last updated 3 months ago

CVSS high 8.5

Overview

Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Daisycon Daisycon prijsvergelijkers allows SQL Injection. This issue affects Daisycon prijsvergelijkers: from n/a through 4.8.4.
Source
audit@patchstack.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
8.5
Impact score
4.7
Exploitability score
3.1
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
Severity
HIGH

Weaknesses

audit@patchstack.com
CWE-89

Social media

Hype score
Not currently trending

  1. [CVE-2025-32148: HIGH] SQL Injection vulnerability found in Daisycon prijsvergelijkers allows attackers to exploit the system. Update to version 4.8.5 or higher to patch this security issue.#cybersecurity,#vulnerability https://t.co/67zJ1tXszA https://t.co/xjCbs9M02h

    @CveFindCom

    7 Apr 2025

    32 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. 🚨 CVE-2025-32148 🔴 HIGH (8.5) 🏢 Daisycon - Daisycon prijsvergelijkers 🏗️ Unknown Version 🔗 https://t.co/tR9yimcVRK #CyberCron #VulnAlert #InfoSec https://t.co/C3B1JRdshg

    @cybercronai

    6 Apr 2025

    13 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.