CVE-2025-4023

Name of the Vulnerable Software and Affected Versions itsourcecode Placement Management System version 1.0

Description A critical issue affects the processing of the file /add company.php. The manipulation of the Name argument leads to SQL injection. The attack can be initiated remotely. Other parameters might also be affected.

Recommendations For itsourcecode Placement Management System version 1.0, consider disabling the /add company.php file or restricting access to it until a patch is available. Avoid using the Name argument in the affected file to minimize the risk of exploitation.