CVE-2025-8439 | code-projects Wazifa System 1.0 updatesettings.php Password sql injection

Inserito da Angelo Barbosa | Lug 31, 2025 | CVE

A vulnerability, which was classified as critical, has been found in code-projects Wazifa System 1.0. This issue affects some unknown processing of the file /controllers/updatesettings.php. The manipulation of the argument Password leads to sql injection.

The identification of this vulnerability is CVE-2025-8439. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-8439 | code-projects Wazifa System 1.0 updatesettings.php Password sql injection

Post correlati

CVE-2024-36675 | LyLme_spage 1.9.5 get_head server-side request forgery (Issue 92)

CVE-2025-1331 | IBM CICS TX Standard/CICS TX Advanced 10.1/11.1 gets inherently dangerous function

CVE-2025-20170 | Cisco IOS/IOS XE SNMP denial of service (cisco-sa-snmp-dos-sdxnSUcW)

CVE-2024-58264 | CosmWasm serde-json-wasm Crate up to 1.0.0 on Rust Deeply Nested JSON Data recursion (RUSTSEC-2024-0012)