SQL Injection Vulnerability in SourceCodester Simple Barangay Management System
CVE-2025-44192

9.8CRITICAL

Key Information:

Vendor: SourceCodester
Status: Simple Barangay Management System
Vendor: CVE Published:; 30 April 2025

Summary

The Simple Barangay Management System version 1.0 developed by SourceCodester is susceptible to SQL injection attacks through the /barangay_management/admin/?page=view_clearance endpoint. This vulnerability can be exploited by malicious actors to manipulate database queries, potentially leading to unauthorized access to sensitive data and system functionality.

References

https://github.com/red-team00/bug_report/blob/main/simple...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 30, 2025