CVE-2025-12292 – SourceCodester Point of Sales index.php sql injection

CVE ID : CVE-2025-12292

Published : Oct. 27, 2025, 4:15 p.m. | 29 minutes ago

Description : A vulnerability was determined in SourceCodester Point of Sales 1.0. This vulnerability affects unknown code of the file /index.php. This manipulation of the argument Username causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…