2 matches found
CVE-2025-9741
Summary: CVE-2025-9741 affects code-projects Human Resource Integrated System 1.0, specifically the /login_query12.php file. The issue is a SQL injection caused by lack of validation of the ID parameter in that file. An attacker can remotely exploit this vulnerability, and a public exploit exists...
CVE-2025-9742
CVE-2025-9742 affects code-projects' Human Resource Integrated System 1.0. The vulnerability arises from improper handling of the login.php input, where manipulation of the user/pass parameters enables SQL injection. Impact stated in sources includes potential remote exploitation and data exposur...