CVE-2025-11066 | code-projects Online Bidding System 1.0 bidlist.php ID sql injection

Inserito da Angelo Barbosa | Set 26, 2025 | CVE

A vulnerability, which was classified as critical, was found in code-projects Online Bidding System 1.0. This impacts an unknown function of the file /administrator/bidlist.php. Executing manipulation of the argument ID can lead to sql injection.

The identification of this vulnerability is CVE-2025-11066. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2025-11066 | code-projects Online Bidding System 1.0 bidlist.php ID sql injection

Post correlati

CVE-2024-37486 | Paid Memberships Pro Plugin up to 3.0.5 on WordPress sql injection

CVE-2021-46907 | Linux Kernel up to 5.10.31/5.11/5.11.15 VMX __vmx_handle_exit array index (7f64753835a7/ce541d7b5956/04c4f2ee3f68)

CVE-2024-23179 | MediaWiki up to 1.40.1 GlobalBlocking Extension Special:GlobalBlock uselang cross site scripting

CVE-2022-25776 | Mautic insufficient permissions or privileges