HIGH🇵🇱 Wersja polska

CVE-2025-45956

CVSS 8.8v3.1pub. 2025-04-29upd. 2025-05-14

A SQL injection vulnerability in manage_damage.php in Sourcecodester Computer Laboratory Management System v1.0 allows an authenticated attacker to execute arbitrary SQL commands via the "id" parameter

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Oretnom23 Computer Laboratory Management System

    APP
    Oretnom23
    1.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
SQLi
CWE
References

Related vulnerabilities

CVE-2024-34479CRITICAL9.8PL ✓ten sam produkt

SQL Injection w SourceCodester Computer Laboratory Management System

CVE-2024-34480CRITICAL9.8PL ✓ten sam produkt

SQL Injection w SourceCodester Computer Laboratory Management System 1.0

CVE-2024-31545CRITICAL9.4PL ✓ten sam produkt

SQL Injection w Computer Laboratory Management System v1.0 (parametr 'id')

CVE-2024-31547CRITICAL9.1PL ✓ten sam produkt

SQL Injection w Computer Laboratory Management System v1.0

CVE-2024-31546CRITICAL9.8PL ✓ten sam produkt

SQL Injection w Computer Laboratory Management System v1.0 — parametr 'id'