CVE-2025-14598

CRITICAL

BeeS Software Solutions BET Portal - SQL Injection

Title source: llm

Description

BeeS Software Solutions BET Portal contains an SQL injection vulnerability in the login functionality of affected sites. The vulnerability enables arbitrary SQL commands to be executed on the backend database.

Exploits (1)

nomisec WRITEUP

by Afnaan-Ahmed · poc

https://github.com/Afnaan-Ahmed/CVE-2025-14598

View Code ZIP pw:eip

References (4)

[Third Party Advisory] https://afnaan.me/cve/cve-2025-14598

[Product] https://cloudilyaerp.com/

[Exploit, Third Party Advisory] https://github.com/Afnaan-Ahmed/CVE-2025-14598

[Third Party Advisory] https://www.kb.cert.org/vuls/id/361400

Scores

CVSS v3 9.8

EPSS 0.0002

EPSS Percentile 4.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-89

Status published

Products (1)

cloudilyaerp/bet_e-portal

Published Jan 09, 2026

Tracked Since Feb 18, 2026