Serdar Bayram · Ghost Hot Spot · CVE-2025-12342
**Name of the Vulnerable Software and Affected Versions**
Serdar Bayram Ghost Hot Spot versions prior to 20251015
**Description**
A flaw exists in the Login component of Serdar Bayram Ghost Hot Spot. This issue is due to a SQL injection vulnerability within an unknown function of the `/Auth.php` file. The attack can be carried out remotely. The exploit has been published.
**Recommendations**
Update Serdar Bayram Ghost Hot Spot to a version later than 20251014.