Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Imaster | MEMS Events CRM | unaffected |
|
No data.
No data.
| Vendor | Product | Confidence | Versions |
|---|---|---|---|
| Imaster | Mems Events Crm | — | — |
Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .
Vendor Solution
No solution has been reported at this time.
Tracking
Sign in to view the affected projects.
No advisories yet.
Tue, 13 Jan 2026 09:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Imaster
Imaster mems Events Crm |
|
| Vendors & Products |
Imaster
Imaster mems Events Crm |
Mon, 12 Jan 2026 17:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Mon, 12 Jan 2026 14:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Imaster's MEMS Events CRM contains an SQL injection vulnerability in ‘phone’ parameter in ‘/memsdemo/login.php’. | |
| Title | Multiple vulnerabilities in Imaster products Open configuration options | |
| Weaknesses | CWE-89 | |
| References |
| |
| Metrics |
cvssV4_0
|
MITRE
Status: PUBLISHED
Assigner: INCIBE
Published:
Updated: 2026-01-12T16:23:28.618Z
Reserved: 2025-04-16T09:08:43.217Z
Link: CVE-2025-41006
Vulnrichment
Updated: 2026-01-12T15:27:59.727Z
NVD
Status : Deferred
Published: 2026-01-12T15:16:02.910
Modified: 2026-04-15T00:35:42.020
Link: CVE-2025-41006
Redhat
No data.
OpenCVE Enrichment
Updated: 2026-01-13T09:27:38Z