CVE-2025-12926

CWE-74 CWE-89 — SQL Injection3 documents3 sources

Severity

5.3MEDIUM

EPSS

0.0%

top 94.84%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Sourcecodester Farm Management System Janobe Farm Management System

Timeline

PublishedNov 10

Description

A weakness has been identified in SourceCodester Farm Management System 1.0. The affected element is an unknown function of the file /review.php. This manipulation of the argument pid causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Affected Packages2 packages

▶CVEListV5sourcecodester/farm_management_system1.0

▶NVDjanobe/farm_management_system1.0

🔴Vulnerability Details

GHSA

GHSA-cfjq-p9cp-c745: A weakness has been identified in SourceCodester Farm Management System 1↗2025-11-10

▶

CVEList

SourceCodester Farm Management System review.php sql injection↗2025-11-10

▶