CVE-2025-7127 Information
Jul 08, 2025
cve
Description
A vulnerability which was classified as critical was found in itsourcecode Employee Management System up to 1.0. This affects an unknown part of the file /admin/changepassword.php. The manipulation of the argument currentpassword leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Reference
https://github.com/manyufann/CVE/issues/3 https://itsourcecode.com/ https://vuldb.com/?ctiid.315039 https://vuldb.com/?id.315039 https://vuldb.com/?submit.605935 https://github.com/manyufann/CVE/issues/3
Related CNNVD
CNNVD-202507-673 (Published: 2025-07-07)
Share on: