Cyber Posture

CVE-2025-70397

HighPublic PoC

Published: 17 February 2026

Published
17 February 2026
Modified
19 February 2026
KEV Added
Patch
CVSS Score 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0004 13.9th percentile
Risk Priority 14 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-70397 is a high-severity SQL Injection (CWE-89) vulnerability in Jizhicms Jizhicms. Its CVSS base score is 7.2 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 13.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190).
Threat & Defense Details

Likely Mitigating ControlsAI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

CA-8 Penetration Testing
addresses: CWE-89

Penetration testing uses SQL injection payloads against database interfaces, identifying and supporting fixes for SQL injection weaknesses.

SI-10 Information Input Validation
addresses: CWE-89

Validates query inputs to prevent SQL syntax or command manipulation.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
attack.mitre.org →
Why these techniques?

SQL injection in publicly accessible CMS admin endpoints directly enables T1190 (Exploit Public-Facing Application) for arbitrary SQL execution with high impact on C/I/A.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

jizhicms 2.5.6 is vulnerable to SQL Injection in Article/deleteAll and Extmolds/deleteAll via the data parameter.

Deeper analysisAI

CVE-2025-70397 is a SQL injection vulnerability (CWE-89) in jizhicms version 2.5.6, published on 2026-02-17. The issue affects the Article/deleteAll and Extmolds/deleteAll endpoints, where the 'data' parameter fails to properly sanitize user input, allowing injection of malicious SQL queries. It carries a CVSS v3.1 base score of 7.2 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its potential for significant data compromise.

Attackers with high privileges, such as authenticated administrators, can exploit this over the network with low complexity and no user interaction required. By crafting payloads in the 'data' parameter, they can execute arbitrary SQL commands, leading to high-impact outcomes: unauthorized access to sensitive data (confidentiality), modification or deletion of database contents (integrity), and disruption of service (availability).

Advisories and further details are available at http://jizhicms.com and https://www.23882.me/index.php/2026/02/15/jizhicms-%e5%90%8e%e5%8f%b0%e5%ad%98%e5%9c%a8sql%e6%b3%a8%e5%85%a5/. Security practitioners should consult these for vendor-recommended patches or workarounds.

Details

CWE(s)
CWE-89

Affected Products

jizhicms
jizhicms
2.5.6

CVEs Like This One

CVE-2025-50229Same product: Jizhicms Jizhicms
CVE-2026-3292Same product: Jizhicms Jizhicms
CVE-2025-50228Same product: Jizhicms Jizhicms
CVE-2025-25784Same product: Jizhicms Jizhicms
CVE-2025-25785Same product: Jizhicms Jizhicms
CVE-2020-37117Same product: Jizhicms Jizhicms
CVE-2026-3180Shared CWE-89
CVE-2025-1872Shared CWE-89
CVE-2026-32458Shared CWE-89
CVE-2026-24494Shared CWE-89

References