CVE-2025-9150 | Surbowl dormitory-management-php up to 9f1d9d1f528cabffc66fda3652c56ff327fda317 violation_add.php?id=2 ID sql injection

A vulnerability described as critical has been identified in Surbowl dormitory-management-php up to 9f1d9d1f528cabffc66fda3652c56ff327fda317. Affected is an unknown function of the file /admin/violation_add.php?id=2. Such manipulation of the argument ID leads to sql injection. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is listed as CVE-2025-9150. The attack may be performed from a remote location. In addition, an exploit is available.

This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed.

CVE-2025-9150 | Surbowl dormitory-management-php up to 9f1d9d1f528cabffc66fda3652c56ff327fda317 violation_add.php?id=2 ID sql injection

Post correlati

CVE-2024-39405 | Adobe Commerce/Magento Open Source up to 2.4.4-p9/2.4.5-p8/2.4.6-p6/2.4.7-p1 improper authorization (apsb24-61)

CVE-2025-22209 | joomsky JS Jobs Component up to 1.4.3 on Joomla Employer Payment History Search searchpaymentstatus sql injection

CVE-2025-3869 | 4stats Plugin up to 2.0.9 on WordPress Setting stats/stats.php cross-site request forgery

CVE-2025-50491 | PHPGurukul Bank Locker Management System 1.0 /change-password.php session expiration