Vulnerabilities

CVE-2025-40682

by Fred · 29/07/2025

SQL injection vulnerability in Human Resource Management System version 1.0, which allows an attacker to retrieve, create, update and delete databases via the “city” and “state” parameters in the /controller/ccity.php endpoint.

Assigner : cve-coordination@incibe.es

More information : https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-human-resource-management-system

Similar

Tags: Cybersecurity Alert