EUVD-2025-2063

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Critical vulnerability in 1000 Projects Attendance Tracking System allows remote SQL injection attack

Reporter	Title	Published	Views	Family All 8
BDU FSTEC	The vulnerability of the /admin/chart1.php file of the attendance tracking management system, related to the failure to protect the SQL query structure, allows a perpetrator to execute arbitrary code.	5 May 202500:00	–	bdu_fstec
Circl	CVE-2025-1189	12 Feb 202510:16	–	circl
CNNVD	1000 Projects Attendance Tracking Management System 注入漏洞	12 Feb 202500:00	–	cnnvd
CVE	CVE-2025-1189	12 Feb 202509:31	–	cve
Cvelist	CVE-2025-1189 1000 Projects Attendance Tracking Management System chart1.php sql injection	12 Feb 202509:31	–	cvelist
NVD	CVE-2025-1189	12 Feb 202510:15	–	nvd
Positive Technologies	PT-2025-6470 · Unknown · 1000 Projects Attendance Tracking Management System	12 Feb 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-1189	7 Jan 202609:16	–	redhatcve

[
  {
    "enisaIdVendor": [
      {
        "id": "ad77bb57-8497-3805-a385-f452c06a6962",
        "vendor": {
          "name": "1000 Projects"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "dde4dadc-9bc3-3b10-a3de-87184b71f829",
        "product": {
          "name": "Attendance Tracking Management System"
        },
        "product_version": "1.0"
      }
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
github	www.github.com/takakie/CVE/blob/main/cve_2.md
1000projects	www.1000projects.org/
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-1189

03 Oct 2025 20:07Current

6.6Medium risk

Vulners AI Score6.6

CVSS 45.3

CVSS 3.16.3 - 8.8

CVSS 26.5

CVSS 36.3

EPSS0.00102