{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-66572", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2025-12-04T16:20:14.992Z", "datePublished": "2025-12-04T20:44:50.749Z", "dateUpdated": "2026-05-25T23:41:33.047Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-05-25T23:41:33.047Z"}, "datePublic": "2025-03-19T00:00:00.000Z", "title": "Loaded Commerce 6.6 Client-Side Template Injection(CSTI)", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Loaded Commerce 6.6 contains a client-side template injection vulnerability via the search parameter that allows unauthenticated attackers to execute arbitrary code in the victim's browser context when they visit a crafted URL."}], "value": "Loaded Commerce 6.6 contains a client-side template injection vulnerability via the search parameter that allows unauthenticated attackers to execute arbitrary code in the victim's browser context when they visit a crafted URL."}], "affected": [{"defaultStatus": "unaffected", "product": "Loaded Commerce", "vendor": "loadedcommerce", "versions": [{"status": "affected", "version": "6.6"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "lang": "en", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 6.9, "baseSeverity": "MEDIUM", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "source": {"discovery": "UNKNOWN"}, "references": [{"name": "ExploitDB-52084", "tags": ["exploit"], "url": "https://www.exploit-db.com/exploits/52084"}, {"name": "Loaded Commerce Homepage", "tags": ["product"], "url": "https://loadedcommerce.com/"}, {"tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/loaded-commerce-66-client-side-template-injectioncsti"}], "credits": [{"lang": "en", "value": "tmrswrr", "type": "finder"}], "x_generator": {"engine": "vulncheck"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-12-09T19:51:13.324839Z", "id": "CVE-2025-66572", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-09T19:51:19.812Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-66572", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-12-09T19:51:13.324839Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-09T19:51:17.152Z"}}], "cna": {"title": "Loaded Commerce 6.6 Client-Side Template Injection(CSTI)", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "tmrswrr"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.9, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "LOW", "vulnIntegrityImpact": "LOW", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "loadedcommerce", "product": "Loaded Commerce", "versions": [{"status": "affected", "version": "6.6"}], "defaultStatus": "unaffected"}], "datePublic": "2025-03-19T00:00:00.000Z", "references": [{"url": "https://www.exploit-db.com/exploits/52084", "name": "ExploitDB-52084", "tags": ["exploit"]}, {"url": "https://loadedcommerce.com/", "name": "Loaded Commerce Homepage", "tags": ["product"]}, {"url": "https://www.vulncheck.com/advisories/loaded-commerce-66-client-side-template-injectioncsti", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "vulncheck"}, "descriptions": [{"lang": "en", "value": "Loaded Commerce 6.6 contains a client-side template injection vulnerability via the search parameter that allows unauthenticated attackers to execute arbitrary code in the victim's browser context when they visit a crafted URL.", "supportingMedia": [{"type": "text/html", "value": "Loaded Commerce 6.6 contains a client-side template injection vulnerability via the search parameter that allows unauthenticated attackers to execute arbitrary code in the victim's browser context when they visit a crafted URL.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-05-25T23:41:33.047Z"}}}, "cveMetadata": {"cveId": "CVE-2025-66572", "state": "PUBLISHED", "dateUpdated": "2026-05-25T23:41:33.047Z", "dateReserved": "2025-12-04T16:20:14.992Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2025-12-04T20:44:50.749Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Loaded Commerce 6.6 contains a client-side template injection vulnerability that allows unauthenticated attackers to execute code on the server via the search parameter."}], "id": "CVE-2025-66572", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2025-12-04T21:16:09.920", "references": [{"source": "disclosure@vulncheck.com", "url": "https://loadedcommerce.com/"}, {"source": "disclosure@vulncheck.com", "url": "https://www.exploit-db.com/exploits/52084"}, {"source": "disclosure@vulncheck.com", "url": "https://www.vulncheck.com/advisories/loaded-commerce-66-client-side-template-injectioncsti"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "disclosure@vulncheck.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-27T22:44:13.694110+00:00", "value": {"mitigation_remediation": ["Apply any vendor\u2011supplied patch or upgrade to a version that fixes the template injection issue; if no patch is available, upgrade to a later major version of Loaded Commerce. ", "Strictly validate or whitelist the search parameter to allow only safe characters and length limits; reject or sanitize any input that resembles template syntax.", "Employ a Web Application Firewall or similar filtering layer to block malicious template payloads before they reach the application logic.", "Keep the application and its dependencies, including any template engines, updated to the latest security releases."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "The flaw affects the Loaded Commerce product, specifically version 6.6. Users running this version are exposed to the risk and should verify their installation and consider upgrading.", "description_and_impact": "Loaded Commerce 6.6 introduces a client\u2011side template injection flaw that allows unauthenticated attackers to execute arbitrary code on the server by manipulating the search parameter. The vulnerability is a direct command injection style weakness (CWE\u201178), enabling code execution with the permissions of the web application process, thereby compromising confidentiality, integrity, and availability of the affected system.", "risk_and_exploitability": "The CVSS score of 6.9 indicates moderate severity. EPSS is below 1%, suggesting the likelihood of exploitation is low at present. The vulnerability is not catalogued in CISA's KEV list. Attack access is unauthenticated, relying on a client\u2011side input vector \u2013 the search field \u2013 to deliver malicious template payloads that are processed server\u2011side. No zero\u2011day exploitation evidence is present, but exploit code is available in public exploit databases."}}}}, "created": "2025-12-05T10:52:17.415383+00:00", "updated": "2026-04-27T22:45:15.498819+00:00", "vendors": ["loadedcommerce", "loadedcommerce$PRODUCT$loaded_commerce"]}