CVE-2025-8496

Name of the Vulnerable Software and Affected Versions projectworlds Online Admission System version 1.0

Description A critical vulnerability exists in projectworlds Online Admission System version 1.0 due to a SQL injection issue. The vulnerability is located in an unknown functionality of the /viewform.php file. Manipulation of the ID parameter allows for remote exploitation. The exploit for this issue has been publicly disclosed.

Recommendations As a temporary workaround, consider restricting access to the /viewform.php file until a fix is available. Sanitize the ID parameter to prevent SQL injection attacks.