Unknown · Code-Projects Project Monitoring System · CVE-2025-11074
**Name of the Vulnerable Software and Affected Versions**
code-projects Project Monitoring System version 1.0
**Description**
A flaw exists in code-projects Project Monitoring System 1.0 that allows for SQL injection. The issue is located in an unknown function of the `/login.php` file. Manipulation of the `username` and `password` arguments can trigger the injection. The attack can be initiated remotely. An exploit for this issue has been published.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.