CVE-2025-8439

Name of the Vulnerable Software and Affected Versions Wazifa System version 1.0

Description A critical vulnerability has been found in code-projects Wazifa System 1.0, affecting unknown processing of the file /controllers/updatesettings.php. Manipulation of the Password argument leads to a SQL injection. The attack can be initiated remotely, and the exploit has been disclosed to the public.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.