A vulnerability was found in SourceCodester Kortex Lite Advocate Office Management System 1.0. It has been classified as critical. Affected is an unknown function of the file edit_act.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS
No CVSS.
References
| Link | Resource |
|---|---|
| https://github.com/Hefei-Coffee/cve/issues/14 | Exploit Issue Tracking |
| https://github.com/Hefei-Coffee/cve/issues/14 | Exploit Issue Tracking |
| https://vuldb.com/?ctiid.300588 | Permissions Required VDB Entry |
| https://vuldb.com/?id.300588 | Third Party Advisory VDB Entry |
| https://vuldb.com/?submit.517965 | Third Party Advisory VDB Entry |
| https://www.sourcecodester.com/ | Product |
Configurations
History
01 Apr 2025, 20:26
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://www.sourcecodester.com/ - Product | |
| References | () https://vuldb.com/?submit.517965 - Third Party Advisory, VDB Entry | |
| References | () https://vuldb.com/?ctiid.300588 - Permissions Required, VDB Entry | |
| References | () https://vuldb.com/?id.300588 - Third Party Advisory, VDB Entry | |
| References | () https://github.com/Hefei-Coffee/cve/issues/14 - Exploit, Issue Tracking | |
| CWE | CWE-89 | |
| First Time |
Mayurik advocate Office Management System
Mayurik |
|
| CPE | cpe:2.3:a:mayurik:advocate_office_management_system:1.0:*:*:*:*:*:*:* |
25 Mar 2025, 16:15
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : unknown |
| CWE | CWE-74 |
21 Mar 2025, 21:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-03-21 21:15
Updated : 2025-04-01 20:26
NVD link : CVE-2025-2604
Mitre link : CVE-2025-2604
JSON object : View
Products Affected
mayurik
- advocate_office_management_system
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')