CVE-2025-70024 - Vulnerability Analysis
CriticalCVSS: 9.8Last Updated: March 12, 2026
benkeen generatedata - SQL Injection
Published: March 11, 2026Updated: March 12, 2026Remote Exploitable
Overview
benkeen generatedata 4.0.14 contains an SQL injection caused by improper neutralization of special elements in SQL commands, letting attackers execute arbitrary SQL queries, exploit requires crafted input.
Severity & Score
Severity: Critical
CVSS Score: 9.8
Impact
Attackers can execute arbitrary SQL commands, potentially leading to data disclosure, modification, or deletion.
Mitigation
Update to the latest version.
References
Related Resources
Details
- CVE ID
- CVE-2025-70024
- Severity
- Critical
- CVSS Score
- 9.8
- Type
- sql_injection
- Status
- unconfirmed
CWE
- CWE-89
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H