Jinbobo

1 exploit Active since Aug 2025
CVE-2025-54865 WRITEUP HIGH WRITEUP
Tilesheets 5.0.1-5.0.3 - SQL Injection via Missing Backtick in Query
Tilesheets MediaWiki Extension adds a table lookup parser function for an item and returns the requested image. A missing backtick in a query executed by the Tilesheets extension allows users to insert and potentially execute malicious SQL code. This issue has not been fixed.
CVSS 7.3