code-projects Medical Store Management System ChangePassword.java sql injection_CVE-2025-8931

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was determined in code-projects Medical Store Management System 1.0. Affected is an unknown function of the file ChangePassword.java. The manipulation of the argument newPassTxt leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Basic Information

ID CVE-2025-8931

Source VulDB

Published Aug 14, 2025 at 02:32

Affected Product

Vendor code-projects

Product Medical Store Management System

Version 1.0

Affected Versions code-projects Medical Store Management System 1.0

CWE Classification

CWE-89 CWE-74

References

{
    "lastseen": "",
    "description": "A vulnerability was determined in code-projects Medical Store Management System 1.0. Affected is an unknown function of the file ChangePassword.java. The manipulation of the argument newPassTxt leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.",
    "published": "2025-08-14T02:32:12.949Z",
    "modified": "2025-08-14T02:32:12.949Z",
    "type": "cve",
    "title": "code-projects Medical Store Management System ChangePassword.java sql injection",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.319890\nhttps://vuldb.com/?ctiid.319890\nhttps://vuldb.com/?submit.631664\nhttps://www.yuque.com/gongzi-jsnek/xb2q3a/tdgsgs7k1wrhc20v?singleDoc\nhttps://www.yuque.com/gongzi-jsnek/xb2q3a/tdgsgs7k1wrhc20v#vulnerability-details-and-poc\nhttps://code-projects.org/",
    "id": "CVE-2025-8931",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89",
        "CWE-74"
    ],
    "cvelist": null,
    "sourceData": "code-projects Medical Store Management System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Medical Store Management System",
    "version": "1.0",
    "vendor": "code-projects",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}