Sparx Pro Cloud Server Database SQL Injection Risk

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

9.5

Sparx Pro Cloud Server Database SQL Injection Risk

CVE-2025-15625

Summary

An attacker can execute unauthorized database commands to steal or modify data. This is a serious risk because it can allow an attacker to access sensitive information or disrupt the database. To protect your data, ensure that Sparx Pro Cloud Server is updated to the latest version and follow recommended security best practices.

Original title

Unauthenticated user is able to execute arbitrary SQL commands in Sparx Pro Cloud Server database in certain cases.

Original description

Unauthenticated user is able to execute arbitrary SQL commands in Sparx Pro Cloud Server database in certain cases.

nvd CVSS4.0 9.5

Vulnerability type

CWE-89 SQL Injection

CWE-200 Information Exposure

https://sparxsystems.com/products/procloudserver/6.1/history.html

Published: 17 Apr 2026 · Updated: 17 Apr 2026 · First seen: 17 Apr 2026