CVE-2025-0201

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Published Jan 4, 2025
CWE ID 89
CWE ID 74

Summary

CVE-2025-0201 is a critical vulnerability affecting the code-projects Point of Sales and Inventory Management System 1.0. This issue allows for sql injection by manipulating the argument "username" in the file "/user/update_account.php". An attacker can exploit this remotely, making it a significant security risk. The exploit for this vulnerability has been disclosed to the public, increasing the likelihood of real-world attacks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share