CVE-2025-50979
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-50979
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
NodeBB v4.3.0 is vulnerable to SQL injection in its search-categories API endpoint (/api/v3/search/categories). The search query parameter is not properly sanitized, allowing unauthenticated, remote attackers to inject boolean-based blind and PostgreSQL error-based payloads.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
NodeBB 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
NodeBB是Design Create Play团队的一套使用Node.js(一套建立在Google V8 JavaScript引擎之上的网络应用平台)构建的论坛系统。 NodeBB v4.3.0版本存在安全漏洞,该漏洞源于search-categories API端点中search query参数清理不当,可能导致SQL注入攻击。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2025-50979
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-50979
请登录查看更多情报信息。
Same Patch Batch · n/a · 2025-08-27 · 18 CVEs total
| CVE-2025-54598 | Bevy 安全漏洞 | |
| CVE-2025-55618 | Hyundai Navigation App 安全漏洞 | |
| CVE-2025-55582 | D-Link DCS-825L 安全漏洞 | |
| CVE-2024-37777 | O2OA 安全漏洞 | |
| CVE-2025-55495 | Tenda AC6 安全漏洞 | |
| CVE-2025-51667 | admin-console 安全漏洞 | |
| CVE-2025-55422 | FoxCMS 安全漏洞 | |
| CVE-2025-50977 | Gitblit 安全漏洞 | |
| CVE-2025-50428 | raspap-webgui 安全漏洞 | |
| CVE-2025-56694 | lumasoft fotoShare Cloud 安全漏洞 | |
| CVE-2025-50984 | Diskover-web 安全漏洞 | |
| CVE-2025-50978 | Gitblit 安全漏洞 | |
| CVE-2025-50983 | readarr 安全漏洞 | |
| CVE-2025-50985 | Diskover-web 安全漏洞 | |
| CVE-2025-50972 | AbanteCart 安全漏洞 | |
| CVE-2025-50986 | Diskover-web 安全漏洞 | |
| CVE-2025-52122 | Solspace Freeform plugin for Craft CMS 安全漏洞 |
IV. Related Vulnerabilities
V. Comments for CVE-2025-50979
No comments yet