CVE-2024-25325 Information

Description

SQL injection vulnerability in Employee Management System v.1.0 allows a local attacker to obtain sensitive information via a crafted payload to the txtemail parameter in the login.php.

Reference

https://cxsecurity.com/issue/WLB-2024020062