CVE-2025-14285 | code-projects Employee Profile Management System 1.0 edit_personnel.php per_id sql injection

Inserito da Angelo Barbosa | Dic 8, 2025 | CVE

A vulnerability was found in code-projects Employee Profile Management System 1.0. It has been declared as critical. Affected is an unknown function of the file edit_personnel.php. The manipulation of the argument per_id results in sql injection.

This vulnerability is reported as CVE-2025-14285. The attack can be launched remotely. Moreover, an exploit is present.

CVE-2025-14285 | code-projects Employee Profile Management System 1.0 edit_personnel.php per_id sql injection

Post correlati

CVE-2025-1366 | MicroWord eScan Antivirus 7.0.32 on Linux VirusPopUp strcpy stack-based overflow

CVE-2024-57160 | 07FLY FLYCMS 1.3.9 /oa/OaTask/edit.html cross-site request forgery

CVE-2025-23179 | Ribbon Communications Apollo 9608 9.6R3 hard-coded credentials

CVE-2024-5453 | Metagauss ProfileGrid Plugin up to 5.8.6 on WordPress pm_dismissible_notice/pm_wizard_update_group_icon authorization