PT-2025-47539 · Itsourcecode · Sourcecodester Human Resource Management System

F14G2 · Published 2025-11-19 · Updated 2025-11-21 · CVE-2025-13421

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

itsourcecode Human Resource Management System version 1.0

Description

A security issue exists in itsourcecode Human Resource Management System 1.0. Manipulation of the noticeDesc argument within an unknown function of the file /src/store/NoticeStore.php can lead to SQL injection. This attack can be launched remotely. The exploit has been publicly disclosed.

Recommendations

Address the SQL injection issue by sanitizing or validating the noticeDesc argument before using it in database queries within the /src/store/NoticeStore.php file.

Exploit

Fix

Special Elements Injection

SQL injection

Weakness Enumeration

Related Identifiers

CVE-2025-13421

Affected Products

Sourcecodester Human Resource Management System