HIGH
Livebms
CVE published 2026-05-30
CVE-2018-25424
CVE-2018-25424 documents an unauthenticated SQL injection vulnerability in Gate Pass Management System 2.1 that enables authentication bypass. The vulnerability resides in login-exec.php, where attacker-controlled input submitted via POST request parameters for login and password is incorporated into SQL queries without adequate sanitization. Successful exploitation allows remote attackers to authenticate [truncated]