CVE-2025-1168

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Published Feb 11, 2025

Updated: Feb 18, 2025

CWE ID 89

CWE ID 74

Summary

CVE-2025-1168 is a critical vulnerability affecting the SourceCodester Contact Manager with Export to VCF 1.0. The issue lies within the unknown code of the file /endpoint/delete-contact.php, allowing for sql injection through the manipulation of the contact argument. This vulnerability can be exploited remotely, making it a significant security risk. The exploit for this vulnerability has been disclosed to the public, increasing the potential for malicious attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/3N3RKX
https://www.cve.org/CVERecord?id=CVE-2025-1168
https://nvd.nist.gov/vuln/detail/CVE-2025-1168

Back to Vulnerability Database

CVE-2025-1168

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations