CVE-2025-7127

Medium CVSS: 5.1

A vulnerability, which was classified as critical, was found in itsourcecode Employee Management System up to 1.0. This affects an unknown part of the file /admin/changepassword.php. The manipulation of the argument currentpassword leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Vendor

Clivedelacruz

Product

Employee Management System

CWE

CWE-74

Yayın Tarihi

2025-07-07 12:15:23

Güncelleme

2025-07-08 18:29:02

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-74 Employee Management System MEDIUM Clivedelacruz 2025

Referanslar

https://github.com/manyufann/CVE/issues/3 https://itsourcecode.com/ https://vuldb.com/?ctiid.315039 https://vuldb.com/?id.315039 https://vuldb.com/?submit.605935 https://github.com/manyufann/CVE/issues/3

Benzer Kayıtlar

Medium

CVE-2025-8172

A vulnerability, which was classified as critical, was found in itsourcecode Employee Management System 1.0. Affected is…

Medium

CVE-2025-7126

A vulnerability, which was classified as critical, has been found in itsourcecode Employee Management System up to 1.0.…

Medium

CVE-2025-7125

A vulnerability classified as critical was found in itsourcecode Employee Management System up to 1.0. Affected by this…

Medium

CVE-2025-6610

A vulnerability was found in itsourcecode Employee Management System up to 1.0. It has been classified as critical. This…

Medium

CVE-2025-6351

A vulnerability was found in itsourcecode Employee Record Management System 1.0. It has been rated as critical. This iss…