CVE-2025-29390

Name of the Vulnerable Software and Affected Versions: jerryhanjj ERP version 1.0

Description: The issue concerns SQL injection in the set password function located in application/controllers/home.php. This allows for potential manipulation of database queries.

Recommendations: For jerryhanjj ERP version 1.0, as a temporary workaround, consider disabling the set password function until a patch is available. Restrict access to the application/controllers/home.php file to minimize the risk of exploitation. Avoid using the set password function in the affected controller until the issue is resolved.