CVE-2025-1160 · CRITICAL 9.8 · EPSS p53.0%

Description

A vulnerability was found in SourceCodester Employee Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument username/password leads to use of default credentials. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Scoring

CVSS 3.1: 9.8 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.84% probability of exploitation · percentile 53.0% · 2026-06-19T12:03:05Z
Published: 2025-02-10
Last modified: 2025-03-03

Underlying weaknesses · 1

CWE-1392

References

  1. https://gist.github.com/jmx0hxq/0e9cde14b6e9190a7451cd72d7b23bfd
  2. https://vuldb.com/?ctiid.295064
  3. https://vuldb.com/?id.295064
  4. https://vuldb.com/?submit.493860
  5. https://www.sourcecodester.com/

Type: Weakness
Target: Use of Default Credentials (cwe-1392)
Confidence: 0%
Tier: live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. CVE-2025-13561
  2. CVE-2025-0802
  3. CVE-2025-12292
  4. CVE-2025-11476
  5. CVE-2025-6871
  6. CVE-2025-9476

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.