CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-25876: A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of the file /delete.php. The attack can...

Description

A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of the file /delete.php. The attack can use SQL injection to obtain sensitive data.

Classification

CVE ID: CVE-2025-25876

Affected Products

Vendor: n/a

Product: n/a

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 9.33% (scored less or equal to compared to others)

EPSS Date: 2025-03-22 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-25876
https://github.com/SticKManII/cve-poc/blob/main/chat-box/2/poc.md

Timeline

2025-02-21 18:41:20 UTC
CVE

A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of the file /delete.php. The attack can...