Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.3
Crete Core: Malicious SQL Code Can Be Injected into Database
CVE-2025-69305
Summary
A security issue in Crete Core's database system allows an attacker to inject malicious SQL code, potentially allowing them to access or modify sensitive information. This affects Crete Core versions up to 1.4.3. To fix the issue, update to a newer version of Crete Core.
Original title
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TeconceTheme Crete Core crete-core allows Blind SQL Injection.This issue affects Crete Core: fr...
Original description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TeconceTheme Crete Core crete-core allows Blind SQL Injection.This issue affects Crete Core: from n/a through <= 1.4.3.
nvd CVSS3.1
9.3
Vulnerability type
CWE-89
SQL Injection
Published: 20 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026