CVE-2025-14643

Summary

A vulnerability was found in code-projects Simple Attendance Record System 2.0. The affected element is an unknown function of the file /check.php. Performing manipulation of the argument student results in sql injection. Remote exploitation of the attack is possible. The exploit has been made public and could be used.

Affected Software

VendorProductVersion RangeStatus
code-projectsSimple Attendance Record System2.0affected

Weaknesses

  • CWE-89: SQL Injection
  • CWE-74: Injection

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: total

References