CVE-2025-0336: Codezips Project Management System teacher.php sql injection
First published: Thu Jan 09 2025(Updated: )
A vulnerability was found in Codezips Project Management System 1.0. It has been classified as critical. This affects an unknown part of the file /pages/forms/teacher.php. The manipulation of the argument name leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Codezips Project Management System | ||
| Codezips Project Management System | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-0336?
CVE-2025-0336 has been classified as critical.
How does CVE-2025-0336 affect the Codezips Project Management System?
CVE-2025-0336 affects the file /pages/forms/teacher.php, allowing for SQL injection through manipulation of the argument name.
Can CVE-2025-0336 be exploited remotely?
Yes, CVE-2025-0336 can be exploited remotely.
What types of attacks can CVE-2025-0336 lead to?
CVE-2025-0336 can lead to SQL injection attacks.
How can I remediate CVE-2025-0336?
To remediate CVE-2025-0336, ensure proper input validation and sanitization in the affected file.
- agent/weakness
- agent/references
- agent/title
- agent/type
- agent/description
- agent/first-publish-date
- agent/severity
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/guess-ai
- agent/software-canonical-lookup
- agent/softwarecombine
- agent/tags
- collector/epss-latest
- source/FIRST
- agent/epss
- collector/nvd-api
- source/NVD
- vendor/codezips
- canonical/codezips project management system
- version/codezips project management system/1.0