CVE-2025-6474 | code-projects Inventory Management System 1.0 /changeUsername.php user_id sql injection

Inserito da Angelo Barbosa | Giu 21, 2025 | CVE

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /changeUsername.php. The manipulation of the argument user_id leads to sql injection.

This vulnerability was named CVE-2025-6474. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-6474 | code-projects Inventory Management System 1.0 /changeUsername.php user_id sql injection

Post correlati

CVE-2023-52240 | Kantega SAML SSO OIDC Kerberos Single Sign-on App cross site scripting

CVE-2023-5401 | Honeywell Experion Server stack-based overflow

CVE-2024-49403 | Samsung Voice Recorder prior 21.5.40.37 access control

CVE-2024-39439 | Unisoc T606/T612/T616/T610/T618/T760/T770/T820/S8000 DRM Service out-of-bounds write