CVE-2025-5708

A vulnerability classified as critical has been found in code-projects Real Estate Property Management System 1.0. This affects an unknown part of the file /Admin/NewsReport.php. The manipulation of the argument txtFrom leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Configurations

No configuration.

History

09 Jun 2025, 15:15

Type Values Removed Values Added
References () https://github.com/YanHanQihomework/cve/issues/1 - () https://github.com/YanHanQihomework/cve/issues/1 -

06 Jun 2025, 14:07

Type Values Removed Values Added
Summary
  • (es) Se ha detectado una vulnerabilidad crítica en code-projects Real Estate Property Management System 1.0. Esta afecta a una parte desconocida del archivo /Admin/NewsReport.php. La manipulación del argumento txtFrom provoca una inyección SQL. Es posible iniciar el ataque de forma remota. Se ha hecho público el exploit y puede que sea utilizado.

06 Jun 2025, 01:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-06-06 01:15

Updated : 2025-06-09 15:15


NVD link : CVE-2025-5708

Mitre link : CVE-2025-5708

CVE.ORG link : CVE-2025-5708


JSON object : View

Products Affected

No product.

CWE
CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')