CVE-2025-8438 | code-projects Wazifa System 1.0 postpublish.php post sql injection

Inserito da Angelo Barbosa | Lug 31, 2025 | CVE

A vulnerability classified as critical was found in code-projects Wazifa System 1.0. This vulnerability affects unknown code of the file /controllers/postpublish.php. The manipulation of the argument post leads to sql injection.

This vulnerability was named CVE-2025-8438. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-8438 | code-projects Wazifa System 1.0 postpublish.php post sql injection

Post correlati

CVE-2024-29199 | Nautobot up to 1.6.15/2.1.8 URL Endpoint information disclosure (GHSA-m732-wvh2-7cq4)

CVE-2024-3549 | Blog2Social Plugin up to 7.4.1 on WordPress sql injection

CVE-2023-50772 | Dingding JSON Pusher Plugin up to 2.0 on Jenkins Controller File System permission

CVE-2024-33139 | J2EEFAST 2.7.0 findpage sql_filter sql injection