First published: Wed Feb 12 2025(Updated: )
A vulnerability classified as critical has been found in SourceCodester Best Church Management Software 1.1. Affected is an unknown function of the file /admin/edit_slider.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Credit: cna@vuldb.com
Affected Software | Affected Version | How to fix |
---|---|---|
SourceCodester Best Church Management Software | ||
Church Management System | =1.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2025-1202 is classified as a critical vulnerability.
CVE-2025-1202 affects an unknown function in the file /admin/edit_slider.php, allowing for SQL injection through manipulation of the id parameter.
Yes, CVE-2025-1202 can be exploited remotely.
Exploiting CVE-2025-1202 may allow attackers to execute arbitrary SQL commands, potentially compromising the database.
To fix CVE-2025-1202, it's recommended to validate and sanitize user inputs in the affected file to mitigate SQL injection risks.