CVE-2025-11116

Name of the Vulnerable Software and Affected Versions code-projects Simple Scheduling System version 1.0

Description A flaw exists in code-projects Simple Scheduling System 1.0, specifically within the /add.home.php file. Manipulation of the faculty argument can lead to SQL injection. This issue is remotely exploitable and details about the exploit are publicly available. Other parameters may also be affected.

Recommendations Apply any available updates to address the issue in the /add.home.php file. As a temporary workaround, restrict or sanitize the faculty argument to prevent SQL injection. Review and sanitize all other input parameters to the /add.home.php file to identify and mitigate potential vulnerabilities.