CVE-2025-12939 | SourceCodester Interview Management System up to 1.0 /addCandidate.php candName sql injection

Inserito da Angelo Barbosa | Nov 10, 2025 | CVE

A vulnerability, which was classified as critical, was found in SourceCodester Interview Management System up to 1.0. Affected by this issue is some unknown functionality of the file /addCandidate.php. The manipulation of the argument candName results in sql injection.

This vulnerability is reported as CVE-2025-12939. The attack can be launched remotely. Moreover, an exploit is present.

CVE-2025-12939 | SourceCodester Interview Management System up to 1.0 /addCandidate.php candName sql injection

Post correlati

CVE-2025-40053 | Linux Kernel up to 5.15.194/6.1.155/6.6.111/6.12.52/6.17.2 net netdev_alloc_skb_ip_align null pointer dereference

CVE-2024-42372 | SAP NetWeaver AS Java 7.5 System Landscape Directory authorization

CVE-2024-29200 | Kimai up to 2.12.x API insufficient granularity of access control

CVE-2024-10421 | SourceCodester Attendance and Payroll System 1.0 /admin/overtime_row.php id sql injection