CVE-2025-45065
CRITICALEmployee Record Management System in PHP and MySQL v1 - SQL Injection via loginerms.php Endpoint
Title source: llmDescription
employee record management system in php and mysql v1 was discovered to contain a SQL injection vulnerability via the loginerms.php endpoint.
References (3)
Core 3
Core References
Various Sources
https://docs.google.com/document/d/1Sq08I_eKCY-YOmVOQPIEj4Ui2pW0gIgXHcqD9fcvR7M/edit?usp=sharing
Various Sources
https://medium.com/@shrutukapoor25/cve-2025-45065-b58a33e65860
Scores
CVSS v3
9.8
EPSS
0.0037
EPSS Percentile
28.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
total
Details
CWE
CWE-89
Status
published
Published
Jul 07, 2025
Tracked Since
Feb 18, 2026