cvedb.io
CVE-2025-2655
HIGH · CVSS 7.3
EPSS exploitation probability: 0%
Published 2025-03-23T17:15:29.687 · Last modified 2026-06-17T09:07:22.747

Summary

A vulnerability was detected in SourceCodester AC Repair and Services System 1.0. The affected element is the function save_users/delete_users of the file /classes/Users.php. Performing manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may be used. Other parameters might be affected as well.

Affected products

oretnom23 — ac_repair_and_services_system

Does this affect you?

Add your gear to cvedb and we'll alert you only when oretnom23 ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.