What the vulnerability does
01Description
The affected product is vulnerable to multiple SQL injections, which may allow an unauthorized attacker to disclose information.
CVSS base score
7.5/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Key dates
02Disclosure timeline
July 22, 2022
CVE published
April 16, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-3893 SQL Injection in MegaBIP
CVE-2024-0389 SourceCodester Student Attendance System attendance_report.php sql injection
CVE-2025-9238 Swatadru Exam-Seating-Arrangement Student Login student.php sql injection
CVE-2025-63029 WordPress WCFM Marketplace plugin <= 3.7.1 - SQL Injection vulnerability
CVE-2023-49750 WordPress Couponis Demo Plugin < 2.2 is vulnerable to SQL Injection
