CVE-2025-7517 – Code-projects Online Appointment Booking System SQL Injection Vulnerability

July 13, 2025

CVE ID : CVE-2025-7517

Published : July 13, 2025, 5:15 a.m. | 11 hours, 13 minutes ago

Description : A vulnerability, which was classified as critical, has been found in code-projects Online Appointment Booking System 1.0. This issue affects some unknown processing of the file /getDay.php. The manipulation of the argument cidval leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-7520 – PHPGurukul Vehicle Parking Management System SQL Injection Vulnerability

Next Article starter best

Highlights

CVE-2025-5396 – WordPress Bears Backup Plugin Remote Code Execution Vulnerability

July 16, 2025

CVE ID : CVE-2025-5396

Published : July 17, 2025, 2:15 a.m. | 47 minutes ago

Description : The Bears Backup plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.0.0. This is due to the bbackup_ajax_handle() function not having a capability check, nor validating user supplied input passed directly to call_user_func(). This makes it possible for unauthenticated attackers to execute code on the server which can be leverage to inject backdoors or create new administrative user accounts to name a few things. On WordPress sites running the Alone theme versions 7.8.4 and older, this can be chained with CVE-2025-5394 to install the Bears Backup plugin and achieve the same impact.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

10 Top Generative AI Development Companies for Enterprise Node.js Projects

Prompting Is A Design Act: How To Brief, Guide And Iterate With AI

Best React.js Development Services in 2025: Features, Benefits & What to Look For

August 2025: AI updates from the past month

This 3-in-1 charger has a retractable superpower that’s a must for travel

How a legacy hardware company reinvented itself in the AI age

The 13+ best Walmart Labor Day deals 2025: Sales on Apple, Samsung, LG, and more

You can save up to $700 on my favorite Bluetti power stations for Labor Day

Call for Speakers – JS Conf Armenia 2025

Call for Speakers – JS Conf Armenia 2025

Streamlining Application Automation with Laravel’s Task Scheduler

A Fluent Path Builder for PHP and Laravel

Windows 11 KB5064081 24H2 adds taskbar clock, direct download links for .msu offline installer

Windows 11 KB5064081 24H2 adds taskbar clock, direct download links for .msu offline installer

My Family Cinema not Working? 12 Quick Fixes

Super-linter – collection of linters and code analyzers

CVE-2025-7517 – Code-projects Online Appointment Booking System SQL Injection Vulnerability

WhatsApp Issues Emergency Update for Zero-Click Exploit Targeting iOS and macOS Devices

Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling

Sam Altman predicts agentic AI “clicking around the Internet” — If you trust it not to empty your bank account or delete data

7 things you didn’t know your Microsoft account does on Windows 11

‘The budget card to beat right now’ — Radeon RX 9060 XT reviews are in, and it looks like a win for AMD

Chinese Student Jailed for Smishing: Operated Covert “SMS Blaster” in Car for Mass Phishing

CVE-2025-5396 – WordPress Bears Backup Plugin Remote Code Execution Vulnerability

With Copilot Studio’s new skill, your AI agent can use websites and apps just like you do

CVE-2025-6913 – PHPGurukul Student Record System SQL Injection Vulnerability

Microsoft yanks its Movies & TV store, ending a 19-year video experiment

CVE-2025-7517 – Code-projects Online Appointment Booking System SQL Injection Vulnerability

Related Posts