CVE-2025-63724
MEDIUMSVX Portal 2.7A - SQL Injection via admin/update_setings.php
Title source: llmDescription
SQL injection (SQL-i) vulnerability in SVX Portal 2.7A via crafted POST request to admin/update_setings.php.
References (1)
Core 1
Core References
Exploit, Third Party Advisory
https://deepstrike.io/blog/sql-injection-in-svx-portal-v-2-7A
Scores
CVSS v3
6.0
EPSS
0.0023
EPSS Percentile
14.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-89
Status
published
Products (1)
radioinorr/svx_portal
2.7a
Published
Nov 14, 2025
Tracked Since
Feb 18, 2026