CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-29153: SQL Injection vulnerability in lemeconsultoria HCM galera.app v.4.58.0 allows an attacker to execute arbitrary code via the Data export, filters...

Description

SQL Injection vulnerability in lemeconsultoria HCM galera.app v.4.58.0 allows an attacker to execute arbitrary code via the Data export, filters functions.

Classification

CVE ID: CVE-2025-29153

Affected Products

Vendor: n/a

Product: n/a

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 10.62% (scored less or equal to compared to others)

EPSS Date: 2025-06-05 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-29153
https://worzyus.medium.com/391c437c3960
https://wellington-almeida.medium.com/poc-sql-391c437c3960

Timeline

2025-05-07 14:40:18 UTC
CVE

SQL Injection vulnerability in lemeconsultoria HCM galera.app v.4.58.0 allows an attacker to execute arbitrary code via the Data export, filters...