# CVE-2018-25294

> Vulnerability · severity: **HIGH** (CVSS 7.5).

## Description

CEWE Photoshow 6.3.4 contains a buffer overflow vulnerability in the login dialog that allows attackers to crash the application by submitting oversized input. Attackers can inject 4000 bytes of data into the email address and password fields to trigger a denial of service condition.

## Key facts

- **CVE ID:** CVE-2018-25294
- **Published:** 2026-04-26
- **CVSS severity:** HIGH
- **CVSS base score:** 7.5
- **CWE codes:** CWE-120

## Primary sources

- NIST NVD: https://nvd.nist.gov/vuln/detail/CVE-2018-25294

## Citation

> AI Analytics. CVE-2018-25294. Retrieved 2026-05-17 from https://api.ai-analytics.org/cve/CVE-2018-25294. Derived from NIST NVD. Licensed CC0.

---

*[Dataset catalog](https://api.ai-analytics.org/datasets/) · [AI Analytics](https://api.ai-analytics.org/) · CC0 1.0*