CVE-2025-7714

Published Jan 29, 2026

Last updated a month ago

CVSS high 7.5

SQL injection

Overview

Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Global Interactive Design Media Software Inc. Content Management System (CMS) allows Command Line Execution through SQL Injection.This issue affects Content Management System (CMS): through 21072025.
Source: iletisim@usom.gov.tr
NVD status: Analyzed
Products: content_management_system

Risk scores

CVSS 3.1

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

Weaknesses

iletisim@usom.gov.tr: CWE-89

Hype score: Not currently trending

CVE-2025-7714 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Global Interactive Design Media Software Inc. Content Management S… https://t.co/OfqHWkxTYG
@CVEnew
29 Jan 2026
77 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:globalmedya:content_management_system:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "2418FBF9-B5F0-4051-A7C8-90D65EED3113",
            "versionEndIncluding": "2025-07-21",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

Related CVEs

References