Unknown · Employee Profile Management System · CVE-2025-14285
**Name of the Vulnerable Software and Affected Versions**
code-projects Employee Profile Management System version 1.0
**Description**
A flaw exists in the Employee Profile Management System that allows for remote code execution. The issue is located in the `edit personnel.php` file, specifically within an unknown function. Manipulation of the `per id` parameter can lead to a SQL injection. The exploit for this issue has been publicly released.
**Recommendations**
Apply a fix to address the SQL injection issue in the `edit personnel.php` file.