Web Directory Free, CVE-2025-28904

CVE, Research URL: CVE-2025-28904
Home page URL: Security reports for Web Directory Free
Application: Web Directory Free
Published on: Mar 26, 2025
Research Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Shamalli Web Directory Free allows Blind SQL Injection. This issue affects Web Directory Free: from n/a through 1.7.6.
Affected versions: Min -, max 1.7.7.
Status: vulnerable