codehub666 94list function.php login sql injection_CVE-2025-13395

6.9 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A security flaw has been discovered in codehub666 94list up to 5831c8240e99a72b7d3508c79ef46ae4b96befe8. The impacted element is the function Login of the file /function.php. The manipulation results in sql injection. The attack can be launched remotely. The exploit has been released to the public and may be exploited. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.

Basic Information

ID CVE-2025-13395

Source VulDB

Published Nov 19, 2025 at 11:02

Affected Product

Vendor codehub666

Product 94list

Version 5831c8240e99a72b7d3508c79ef46ae4b96befe8

Affected Versions codehub666 94list 5831c8240e99a72b7d3508c79ef46ae4b96befe8

CWE Classification

CWE-89 CWE-74

References

{
    "lastseen": "",
    "description": "A security flaw has been discovered in codehub666 94list up to 5831c8240e99a72b7d3508c79ef46ae4b96befe8. The impacted element is the function Login of the file /function.php. The manipulation results in sql injection. The attack can be launched remotely. The exploit has been released to the public and may be exploited. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.",
    "published": "2025-11-19T11:02:05.449Z",
    "modified": "2025-11-19T11:02:05.449Z",
    "type": "cve",
    "title": "codehub666 94list function.php login sql injection",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.332923\nhttps://vuldb.com/?ctiid.332923\nhttps://vuldb.com/?submit.692095\nhttps://github.com/codehub666/94list/issues/63\nhttps://github.com/codehub666/94list/issues/63#issue-3607918945",
    "id": "CVE-2025-13395",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89",
        "CWE-74"
    ],
    "cvelist": null,
    "sourceData": "codehub666 94list 5831c8240e99a72b7d3508c79ef46ae4b96befe8",
    "sourceHref": "",
    "cvss": {
        "score": 6.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "94list",
    "version": "5831c8240e99a72b7d3508c79ef46ae4b96befe8",
    "vendor": "codehub666",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}