CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2655 – SourceCodester AC Repair and Services System Users.php save_users sql injection
https://notcve.org/view.php?id=CVE-2025-2655
23 Mar 2025 — A vulnerability was found in SourceCodester AC Repair and Services System 1.0. It has been declared as critical. This vulnerability affects the function save_users of the file /classes/Users.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. • https://github.com/Colorado-all/cve/blob/main/AC%20Repair%20and%20Services%20System%20using/SQL-8.md • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2654 – SourceCodester AC Repair and Services System manage_service.php sql injection
https://notcve.org/view.php?id=CVE-2025-2654
23 Mar 2025 — A vulnerability was found in SourceCodester AC Repair and Services System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/services/manage_service.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. • https://github.com/Colorado-all/cve/blob/main/AC%20Repair%20and%20Services%20System%20using/SQL-4.md • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •