CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-25875: A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of the file /message.php. The attack...

Description

A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of the file /message.php. The attack can use SQL injection to obtain sensitive data.

Classification

CVE ID: CVE-2025-25875

Affected Products

Vendor: n/a

Product: n/a

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.03% (probability of being exploited)

EPSS Percentile: 5.11% (scored less or equal to compared to others)

EPSS Date: 2025-03-22 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-25875
https://github.com/SticKManII/cve-poc/blob/main/chat-box/4/poc.md

Timeline

2025-02-21 18:41:19 UTC
CVE

A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of the file /message.php. The attack...