CVE-2025-1189

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Feb 12, 2025

Updated: Feb 20, 2025

CWE ID 89

CWE ID 74

Summary

CVE-2025-1189 is a critical vulnerability affecting version 1.0 of the 1000 Projects Attendance Tracking Management System. This weakness lies within the /admin/chart1.php file, and the manipulation of the course_id argument can result in SQL injection. Attackers can exploit this remotely, making it a significant threat. The exploit for this vulnerability has been made public, increasing the risk of widespread attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Attendance Tracking Management System

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/3ONkwh
https://www.cve.org/CVERecord?id=CVE-2025-1189
https://nvd.nist.gov/vuln/detail/CVE-2025-1189

Back to Vulnerability Database

CVE-2025-1189

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations