CVE-2025-6467 – Code-projects Online Bidding System SQL Injection

June 22, 2025

CVE ID : CVE-2025-6467

Published : June 22, 2025, 6:15 a.m. | 7 hours, 28 minutes ago

Description : A vulnerability was found in code-projects Online Bidding System 1.0. It has been classified as critical. This affects an unknown part of the file /login.php. The manipulation of the argument User leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6468 – Code-projects Online Bidding System SQL Injection Vulnerability

Next Article CVE-2025-6466 – Ageerle Ruoyi-AI Unrestricted File Upload Vulnerability

Highlights

CVE-2025-4017 – Novel-Plus LogController Java Unauthenticated Remote Authorization Bypass

April 28, 2025

CVE ID : CVE-2025-4017

Published : April 28, 2025, 11:15 a.m. | 1 hour, 14 minutes ago

Description : A vulnerability classified as problematic was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. This vulnerability affects the function list of the file nnovel-admin/src/main/java/com/java2nb/common/controller/LogController.java. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Google’s Agent2Agent protocol finds new home at the Linux Foundation

Decoding The SVG path Element: Curve And Arc Commands

This week in AI dev tools: Gemini 2.5 Pro and Flash GA, GitHub Copilot Spaces, and more (June 20, 2025)

Gemini 2.5 Pro and Flash are generally available and Gemini 2.5 Flash-Lite preview is announced

Best early Prime Day Nintendo Switch deals: My 17 favorite sales live now

How I use VirtualBox to run any OS on my Mac – including Linux

Apple will give you a free pair of AirPods when you buy a MacBook or iPad for school – here’s who’s eligible

How Apple’s biggest potential acquisition ever could perplex AI rivals like Google

Music Streaming Platform using PHP and MySQL

Music Streaming Platform using PHP and MySQL

Solutions That Benefit Everyone – Why Inclusive Design Matters for All

Reducing Barriers Across Industries Through Inclusive Design

Windows 11 Installation Assistant Download: 2025 Guide

Windows 11 Installation Assistant Download: 2025 Guide

Didn’t Receive Gears of War: Reloaded Code? Explainer

Fix Vibrant Visuals Greyed Out in Minecraft Bedrock

CVE-2025-6467 – Code-projects Online Bidding System SQL Injection

Typhoon-like gang slinging TLS certificate ‘signed’ by the Los Angeles Police Department

Wedding Invitation Scam: SpyMax RAT Targets Indian WhatsApp Users, Stealing OTPs & Banking Credentials

CVE-2025-5361 – Campcodes Online Hospital Management System SQL Injection Vulnerability

CVE-2025-40673 – DinoRANK Unauthorized Invoice Access

CVE-2025-45237 – DBSyncer Unsecured Configuration File Access Vulnerability

CVE-2025-4121 – Netgear JWNR2000v2 Command Injection Vulnerability

CVE-2025-4017 – Novel-Plus LogController Java Unauthenticated Remote Authorization Bypass

I traveled 13,528 miles with these Snapdragon-powered laptops — Three key things make them ideal for trips

CVE-2025-27997 – Blizzard Battle.net Privilege Escalation Vulnerability

This GNOME Extension Simplifies iPhone Screen Sharing on Linux

CVE-2025-6467 – Code-projects Online Bidding System SQL Injection

Related Posts