CVE-2025-14565 | kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464 login1.php Username sql injection

Inserito da Angelo Barbosa | Dic 12, 2025 | CVE

A vulnerability was found in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. It has been declared as critical. The affected element is an unknown function of the file /Profilers/SProfile/login1.php. Such manipulation of the argument Username leads to sql injection.

This vulnerability is listed as CVE-2025-14565. The attack may be performed from remote. In addition, an exploit is available.

CVE-2025-14565 | kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464 login1.php Username sql injection

Post correlati

CVE-2024-2868 | devitemsllc ShopLentor Plugin up to 2.8.3 on WordPress slitems cross site scripting

CVE-2025-5170 | llisoft MTA Maita Training System 4.5 AdminShitiController.java AdminShitiListRequestVo stTypeIds sql injection

CVE-2023-36639 | Fortinet FortiOS/FortiProxy/FortiPAM HTTPSd Daemon format string (FG-IR-23-138)

CVE-2024-24590 | Allegro AI ClearML up to 0.17.0 Artifact deserialization