cvedb.io
CVE-2025-54865
HIGH · CVSS 7.3
EPSS exploitation probability: 0%
Published 2025-08-05T01:15:42.710 · Last modified 2026-06-17T09:40:49.697

Summary

Tilesheets MediaWiki Extension adds a table lookup parser function for an item and returns the requested image. A missing backtick in a query executed by the Tilesheets extension allows users to insert and potentially execute malicious SQL code. This issue has not been fixed.

Affected products

ftb-gamepedia — tilesheets

Does this affect you?

Add your gear to cvedb and we'll alert you only when ftb-gamepedia ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.