Vulnerability Database

314,373

Total vulnerabilities in the database

CVE-2025-55703

An error-based SQL injection vulnerability exists in the Sunbird Power IQ 9.2.0 API. The vulnerability is due to an outdated API endpoint that applied arrays without proper input validation. This can allow attackers to manipulate SQL queries. This has been addressed in Power IQ version 9.2.1, where the API call code was updated to ensure safe handling of input values.

Published: Dec 15, 2025
Updated: Dec 17, 2025
CVE: CVE-2025-55703
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 2.5
AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:N

CWEs:

CWE-89

OWASP TOP 10:

A1 - Injection

Affected Software
References

No affected software listed.

https://pastebin.com/C6hVPpF4
https://www.sunbirddcim.com/

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo