CVE-2025-7859

Severity CVSS v4.0:
MEDIUM
Type:
CWE-74 Injection
Publication date:
20/07/2025
Last modified:
22/07/2025

Description

A vulnerability classified as critical was found in code-projects Church Donation System 1.0. This vulnerability affects unknown code of the file /members/update_password_admin.php. The manipulation of the argument new_password leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.