CVE-2025-14667

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-14667

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-14667.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-14667

Published

2025-12-14T16:15:37.247Z

Modified

2026-03-14T15:01:53.091609Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A security vulnerability has been detected in itsourcecode COVID Tracking System 1.0. The impacted element is an unknown function of the file /admin/?page=systeminfo. Such manipulation of the argument metavalue leads to sql injection. The attack may be performed from remote. The exploit has been disclosed publicly and may be used.

References

Affected packages

Git /

Affected ranges

Database specific

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "1.0"
            }
        ]
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-14667.json"