WRITEUP

WRITEUP

Exploit for CVE-2025-9742 - Code-Projects HRIS 1.0 - SQL Injection

AI Analysis

The writeup details an SQL injection vulnerability in the Human Resource Integrated System's login.php, demonstrating authentication bypass and time-based injection via crafted POST requests. It includes technical details, proof-of-concept payloads, and screenshots.

Attack Type

SQLi

Complexity

trivial

Reliability

reliable

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

Loading exploit code...

Download ZIP Password: eip

Source

Platform Writeup

Type poc

Files 1

https://github.com/cooorgi/cve/blob/main/hris_sql_login.md

Vulnerability

CVE-2025-9742

Code-Projects HRIS 1.0 - SQL Injection

HIGH

CVSS 7.3