CVE-2025-8934

Name of the Vulnerable Software and Affected Versions: 1000 Projects Sales Management System version 1.0

Description: A vulnerability has been found in an unknown function of the file /sales.php. The manipulation of the argument select2112 leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Recommendations: For 1000 Projects Sales Management System version 1.0, sanitize or properly validate the select2112 argument to prevent the injection of malicious scripts. As a temporary workaround, consider restricting access to the /sales.php file until a patch is available.