CVE-2025-4837 – Projectworlds Student Project Allocation System SQL Injection Vulnerability

May 17, 2025

CVE ID : CVE-2025-4837

Published : May 17, 2025, 9:15 p.m. | 3 hours, 30 minutes ago

Description : A vulnerability classified as critical has been found in projectworlds Student Project Allocation System 1.0. This affects an unknown part of the file /make_group_sql.php. The manipulation of the argument mem1/mem2/mem3 leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4838 – Kanwangzjm Funiture Open Redirect Vulnerability

Next Article Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Microsoft’s allegiance isn’t to OpenAI’s pricey models — Satya Nadella’s focus is selling any AI customers want for maximum profits

If you think you can do better than Xbox or PlayStation in the Console Wars, you may just want to try out this card game

Surviving a 10 year stint in dev hell, this retro-styled hack n’ slash has finally arrived on Xbox

Save $400 on the best Samsung TVs, laptops, tablets, and more when you sign up for Verizon 5G Home or Home Internet

NodeSource N|Solid Runtime Release – May 2025: Performance, Stability & the Final Update for v18

NodeSource N|Solid Runtime Release – May 2025: Performance, Stability & the Final Update for v18

Big Changes at Meteor Software: Our Next Chapter

Apps in Generative AI – Transforming the Digital Experience

Microsoft’s allegiance isn’t to OpenAI’s pricey models — Satya Nadella’s focus is selling any AI customers want for maximum profits

Microsoft’s allegiance isn’t to OpenAI’s pricey models — Satya Nadella’s focus is selling any AI customers want for maximum profits

If you think you can do better than Xbox or PlayStation in the Console Wars, you may just want to try out this card game

Surviving a 10 year stint in dev hell, this retro-styled hack n’ slash has finally arrived on Xbox

CVE-2025-4837 – Projectworlds Student Project Allocation System SQL Injection Vulnerability

Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT

SonicWall Patches 3 Flaws in SMA 100 Devices Allowing Attackers to Run Code as Root

Jeremy’s Larabits: Popping Over with Popovers

Enabling Commerce Innovation with the Power of MongoDB and Google Cloud

PAR Scrape is a web scraping tool

Learnpal AI

Unpatched Edimax Camera Flaw Exploited for Mirai Botnet Attacks Since Last Year

NVIDIA’s RTX 4060 is aging horribly as Indiana Jones and the Great Circle Nazi-punches your VRAM

President Sally Kornbluth and OpenAI CEO Sam Altman discuss the future of AI

Why learning and teaching the good stuff is hard

CVE-2025-4837 – Projectworlds Student Project Allocation System SQL Injection Vulnerability

Related Posts