CVE-2025-15195

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions code-projects Assessment Management version 1.0

Description A SQL injection issue exists due to manipulation of the linked[] argument within the /admin/add-module.php file. This manipulation affects some unknown functionality. The attack can be initiated remotely, and details of the exploit have been publicly disclosed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Special Elements Injection

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-74CWE-89

Related Identifiers

CVE-2025-15195

Affected Products

Assessment Management

CVE-2025-15195

Weakness Enumeration

Related Identifiers

Affected Products

References · 9