CVE-2025-8436

Name of the Vulnerable Software and Affected Versions projectworlds Online Admission System version 1.0

Description A vulnerability exists in projectworlds Online Admission System version 1.0 related to SQL injection. The issue is located in an unknown functionality of the file /viewdoc.php. Manipulation of the ID argument can lead to SQL injection, and the attack can be launched remotely. The exploit has been publicly disclosed.

Recommendations As a temporary workaround, consider restricting access to the /viewdoc.php file until a fix is available. Sanitize the ID parameter before using it in any database queries.