CVE-2025-8467

Name of the Vulnerable Software and Affected Versions Wazifa System version 1.0

Description A critical vulnerability exists in Wazifa System 1.0. The vulnerability affects an unknown functionality within the /controllers/regcontrol.php file. Manipulation of the Username argument results in a SQL injection. The attack can be launched remotely, and the exploit has been publicly disclosed and may be in use.

Recommendations Versions prior to 1.0 should be used. As a temporary workaround, consider restricting access to the /controllers/regcontrol.php file to minimize the risk of exploitation.