itsourcecode Billing System login_crud.php sql injection_CVE-2025-12617

6.9 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A flaw has been found in itsourcecode Billing System 1.0. This affects an unknown function of the file /admin/app/login_crud.php. Executing manipulation of the argument Password can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be used.

Basic Information

ID CVE-2025-12617

Source VulDB

Published Nov 3, 2025 at 04:32

Affected Product

Vendor itsourcecode

Product Billing System

Version 1.0

Affected Versions itsourcecode Billing System 1.0

CWE Classification

CWE-89 CWE-74

References

{
    "lastseen": "",
    "description": "A flaw has been found in itsourcecode Billing System 1.0. This affects an unknown function of the file /admin/app/login_crud.php. Executing manipulation of the argument Password can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be used.",
    "published": "2025-11-03T04:32:08.832Z",
    "modified": "2025-11-03T04:32:08.832Z",
    "type": "cve",
    "title": "itsourcecode Billing System login_crud.php sql injection",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.330911\nhttps://vuldb.com/?ctiid.330911\nhttps://vuldb.com/?submit.678665\nhttps://www.yuque.com/yuqueyonghuexlgkz/zepczx/py9oh6m1p7mx4eqr?singleDoc\nhttps://itsourcecode.com/",
    "id": "CVE-2025-12617",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89",
        "CWE-74"
    ],
    "cvelist": null,
    "sourceData": "itsourcecode Billing System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 6.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Billing System",
    "version": "1.0",
    "vendor": "itsourcecode",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}