CVE-2025-60307
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk31th percentile - higher than 31% of all known CVEs
Summary
A SQL injection vulnerability has been discovered in code-projects Computer Laboratory System 1.0. Entering a universal password in the Password field on the login page can bypass authentication.
Risk Assessment
An attacker can gain unauthorized access to the system, potentially leading to data theft, modification, or deletion, as well as full application compromise.
Recommendation
Immediately update the system to the latest version or apply a patch that fixes the SQL injection vulnerability. Additionally, implement input validation and use prepared statements.
Original NVD description (English source)
code-projects Computer Laboratory System 1.0 has a SQL injection vulnerability, where entering a universal password in the Password field on the login page can bypass login attempts.

