CVE-2025-0536

Name of the Vulnerable Software and Affected Versions 1000 Projects Attendance Tracking Management System version 1.0

Description A critical vulnerability was found in the 1000 Projects Attendance Tracking Management System. This issue affects unknown code of the file /admin/edit action.php. The manipulation of the attendance id argument leads to SQL injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Recommendations For version 1.0, consider disabling access to the /admin/edit action.php file until a patch is available. As a temporary workaround, restrict the manipulation of the attendance id argument to minimize the risk of SQL injection exploitation. Avoid using the attendance id argument in the affected file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.