CNNVD-202506-3165 Information

Jun 25, 2025 cve

CNNVD ID

CNNVD-202506-3165

CVE-2025-6610

CNNVD Published: 2025-06-25

Description (Chinese)

itsourcecode Employee Management System是itsourcecode开源的一个员工管理系统。 itsourcecode Employee Management System 1.0版本存在注入漏洞，该漏洞源于文件/admin/editempprofile.php对参数FirstName处理不当，可能导致SQL注入攻击。

Description (English)

Its sourcecode Employee Management System is an open-source employee management system. There is an injection loophole in version 1.0 of itssourcecode Employe Management System, which originates from document/admin/editempprofile.php’s mishandling of parameter FirstName, which could lead to an SQL injection attack.

Hazard Level

High

Vulnerability Type

注入

Affected Vendor

itsourcecode

Published

2025-06-25

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.313827 https://vuldb.com/?id.313827 https://github.com/Sp1d3rL1/CVE/issues/5 https://vuldb.com/?submit.601940 https://itsourcecode.com/ https://nvd.nist.gov/vuln/detail/CVE-2025-6610

Share on: