Vulnerability Description
Improper neutralization of input provided by a low-privileged user into a file search functionality in Ready_'s Invoices module allows for SQL Injection attacks.
Related Weaknesses (CWE)
References
- https://cert.pl/en/posts/2025/04/CVE-2025-1980
- https://cert.pl/posts/2025/04/CVE-2025-1980
- https://ready-os.com/pl/
FAQ
What is CVE-2025-1981?
CVE-2025-1981 is a documented vulnerability. Improper neutralization of input provided by a low-privileged user into a file search functionality in Ready_'s Invoices module allows for SQL Injection attacks.
How severe is CVE-2025-1981?
CVSS scoring is not yet available for CVE-2025-1981. Check NVD for updates.
Is there a patch for CVE-2025-1981?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.