CVE-2025-14230

Medium CVSS: 5.3

A vulnerability was detected in code-projects Daily Time Recording System 4.5.0. The impacted element is an unknown function of the file /admin/add_payroll.php. Performing manipulation of the argument detail_Id results in sql injection. The attack can be initiated remotely. The exploit is now public and may be used.

Vendor

Carmelo

Product

Daily Time Recording System

CWE

CWE-74

Yayın Tarihi

2025-12-08 12:16:02

Güncelleme

2025-12-10 17:38:07

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-74 Daily Time Recording System MEDIUM Carmelo 2025

Referanslar

https://code-projects.org/ https://github.com/woshilaiyi/cve/issues/6 https://vuldb.com/?ctiid.334672 https://vuldb.com/?id.334672 https://vuldb.com/?submit.702426

Benzer Kayıtlar

Medium

CVE-2026-5019

A security vulnerability has been detected in code-projects Simple Food Order System 1.0. Affected by this vulnerability…

Medium

CVE-2026-5018

A weakness has been identified in code-projects Simple Food Order System 1.0. Affected is an unknown function of the fil…

Medium

CVE-2026-5017

A security flaw has been discovered in code-projects Simple Food Order System 1.0. This impacts an unknown function of t…

Medium

CVE-2026-4533

A vulnerability was detected in code-projects Simple Food Ordering System 1.0. Affected by this issue is some unknown fu…

Medium

CVE-2026-3763

A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. The affected element is an unknown f…

Medium

CVE-2026-3745

A vulnerability was found in code-projects Student Web Portal 1.0. Affected is an unknown function of the file profile.p…