PT-2025-37426 · Unknown · Baptism Information Management System
Chenguang Wang
+1
·
Publicado
2025-09-14
·
Atualizado
2025-09-18
·
CVE-2025-10405
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Baptism Information Management System version 1.0
Description
A SQL injection issue exists in the /listbaptism.php file due to manipulation of the
bapt id argument. This allows for remote attacks. The exploit has been publicly disclosed.Recommendations
As a temporary workaround, consider restricting access to the /listbaptism.php file until a fix is available.
Sanitize the
bapt id input to prevent SQL injection attacks.Exploit
Correção
SQL injection
Special Elements Injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Baptism Information Management System