CVE-2025-1168 | SourceCodester Contact Manager with Export to VCF 1.0 delete-contact.php contact sql injection

Inserito da Angelo Barbosa | Feb 10, 2025 | CVE

A vulnerability was found in SourceCodester Contact Manager with Export to VCF 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/delete-contact.php. The manipulation of the argument contact leads to sql injection.

This vulnerability was named CVE-2025-1168. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-1168 | SourceCodester Contact Manager with Export to VCF 1.0 delete-contact.php contact sql injection

Post correlati

CVE-2024-3659 | KAON AR2140 up to 4.2.15 Administrative Portal os command injection

CVE-2023-7045 | GitLab Community Edition/Enterprise Edition up to 16.10.5/16.11.2/17.0.0 Kubernetes Agent Server cross-site request forgery (Issue 436358)

CVE-2023-49740 | Seraphinite Accelerator Plugin up to 2.20.28 on WordPress rt cross site scripting

CVE-2024-4592 | DedeCMS 5.7 sys_group_edit.php cross-site request forgery