CVE-2025-14900 | CodeAstro Real Estate Management System 1.0 Administrator Endpoint /admin/userdelete.php ID sql injection

Inserito da Angelo Barbosa | Dic 18, 2025 | CVE

A vulnerability labeled as critical has been found in CodeAstro Real Estate Management System 1.0. Affected is an unknown function of the file /admin/userdelete.php of the component Administrator Endpoint. Such manipulation of the argument ID leads to sql injection.

This vulnerability is traded as CVE-2025-14900. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2025-14900 | CodeAstro Real Estate Management System 1.0 Administrator Endpoint /admin/userdelete.php ID sql injection

Post correlati

CVE-2022-49268 | Linux Kernel up to 5.4.188/5.10.109/5.15.32/5.16.18/5.17.1 snd_dma_free_pages null pointer dereference

CVE-2024-54113 | Huawei HarmonyOS 5.0.0 Print Module denial of service

CVE-2023-50326 | IBM PowerSC 1.3/2.0/2.1 excessive authentication (XFDB-275107)

CVE-2024-43758 | Adobe Illustrator up to 27.9.5/28.6 use after free (apsb24-66)