CVE-2025-4837 – Projectworlds Student Project Allocation System SQL Injection Vulnerability

May 17, 2025

CVE ID : CVE-2025-4837

Published : May 17, 2025, 9:15 p.m. | 3 hours, 30 minutes ago

Description : A vulnerability classified as critical has been found in projectworlds Student Project Allocation System 1.0. This affects an unknown part of the file /make_group_sql.php. The manipulation of the argument mem1/mem2/mem3 leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4838 – Kanwangzjm Funiture Open Redirect Vulnerability

Next Article Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Microsoft’s allegiance isn’t to OpenAI’s pricey models — Satya Nadella’s focus is selling any AI customers want for maximum profits

If you think you can do better than Xbox or PlayStation in the Console Wars, you may just want to try out this card game

Surviving a 10 year stint in dev hell, this retro-styled hack n’ slash has finally arrived on Xbox

Save $400 on the best Samsung TVs, laptops, tablets, and more when you sign up for Verizon 5G Home or Home Internet

NodeSource N|Solid Runtime Release – May 2025: Performance, Stability & the Final Update for v18

NodeSource N|Solid Runtime Release – May 2025: Performance, Stability & the Final Update for v18

Big Changes at Meteor Software: Our Next Chapter

Apps in Generative AI – Transforming the Digital Experience

Microsoft’s allegiance isn’t to OpenAI’s pricey models — Satya Nadella’s focus is selling any AI customers want for maximum profits

Microsoft’s allegiance isn’t to OpenAI’s pricey models — Satya Nadella’s focus is selling any AI customers want for maximum profits

If you think you can do better than Xbox or PlayStation in the Console Wars, you may just want to try out this card game

Surviving a 10 year stint in dev hell, this retro-styled hack n’ slash has finally arrived on Xbox

CVE-2025-4837 – Projectworlds Student Project Allocation System SQL Injection Vulnerability

Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT

SonicWall Patches 3 Flaws in SMA 100 Devices Allowing Attackers to Run Code as Root

Running out of Gmail storage? How to get another 15GB for free

CVE-2025-3968 – Codeprojects News Publishing Site Dashboard SQL Injection Vulnerability

Apple and Google Launch Cross-Platform Feature to Detect Unwanted Bluetooth Tracking Devices

Mandiant Report: Snowflake Users Targeted for Data Theft and Extortion

New GootLoader Campaign Targets Users Searching for Bengal Cat Laws in Australia

Integrating Stereoelectronic Effects into Molecular Graphs: A Novel Approach for Enhanced Machine Learning Representations and Molecular Property Predictions

Updated open source JavaScript library Tads Basic Game Objects with new examples

Screen Reader Accessibility Testing Tools

CVE-2025-4837 – Projectworlds Student Project Allocation System SQL Injection Vulnerability

Related Posts