PT-2025-19762 · Unknown · Sourcecodester/Oretnom23 Stock Management System

Th3W0Lf · Published 2025-05-05 · Updated 2025-05-14 · CVE-2025-4283

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: SourceCodester/oretnom23 Stock Management System version 1.0

Description: A critical issue affects the processing of the file /classes/Login.php?f=login, where the manipulation of the Username argument leads to SQL injection. The attack can be initiated remotely.

Recommendations: For SourceCodester/oretnom23 Stock Management System version 1.0, consider disabling the login functionality in the /classes/Login.php file until a patch is available to prevent SQL injection attacks. Restrict access to the Username argument in the affected API endpoint to minimize the risk of exploitation.

Exploit

Fix

SQL injection

Special Elements Injection

Weakness Enumeration

Related identifiers

CVE-2025-4283

Affected products

Sourcecodester/Oretnom23 Stock Management System