top of page
perceptive_background_267k.jpg

SQL Injection vulnerability in Chyrp v.2.5.2 and before allows a remote attacker to obtain sensitive information via the Admin.php component

Published:

15 maart 2026 om 23:00:00

Alert date:

16 maart 2026 om 21:03:40

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies, Database & Storage

A SQL injection vulnerability has been discovered in Chyrp CMS version 2.5.2 and earlier versions. The vulnerability exists in the Admin.php component and allows remote attackers to obtain sensitive information from the database. This is a critical security flaw that affects the administrative interface of the content management system. The vulnerability could potentially allow unauthorized access to sensitive data stored in the application's database. Organizations using affected versions of Chyrp should prioritize patching or implementing mitigations.

Technical details

Mitigation steps:

Affected products:

Chyrp CMS

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2025-69768
https://github.com/chyrp/chyrp
https://github.com/chyrp/chyrp/blob/768dd2f7/includes/controller/Admin.php#L1482
https://swetha-subramanian6.github.io/web%20security/cve/chyrp-sqli-cve/

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page