CVE-2025-4248 | SourceCodester Simple To-Do List System 1.0 /complete_task.php ID sql injection

Inserito da Angelo Barbosa | Mag 3, 2025 | CVE

A vulnerability has been found in SourceCodester Simple To-Do List System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /complete_task.php. The manipulation of the argument ID leads to sql injection.

This vulnerability is known as CVE-2025-4248. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2025-4248 | SourceCodester Simple To-Do List System 1.0 /complete_task.php ID sql injection

Post correlati

CVE-2024-37380 | Ubiquiti UniFi U6+ Access Point up to 6.6.73 VLAN Traffic access control

CVE-2024-13683 | Sperse Automate Hub Free up to 1.7.0 on WordPress Status Update cross-site request forgery

CVE-2024-50840 | Kashipara E-Learning Management System Project 1.0 HTTP POST Request /lms/admin/class.php class_name cross site scripting

CVE-2024-35698 | YITH WooCommerce Tab Manager Plugin up to 1.35.0 on WordPress cross site scripting