PT-2025-35422 · Code Projects · Human Resource Integrated System
Cooorgi
·
Published
2025-08-31
·
Updated
2025-09-05
·
CVE-2025-9741
CVSS v3.1
7.3
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
code-projects Human Resource Integrated System version 1.0
Description
A vulnerability exists in code-projects Human Resource Integrated System 1.0, affecting unknown code within the
/login query12.php file. The manipulation of the ID argument causes a SQL injection. This issue can be initiated remotely, and the exploit has been publicly disclosed.Recommendations
Address the SQL injection issue in the
/login query12.php file by sanitizing the ID argument.Exploit
Fix
Special Elements Injection
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Human Resource Integrated System