itsourcecode COVID Tracking System Admin Login login.php sql injection

6.9 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability has been found in itsourcecode COVID Tracking System 1.0. Affected is an unknown function of the file /admin/login.php of the component Admin Login. The manipulation of the argument Username leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Basic Information

ID CVE-2025-14584

Source VulDB

Published Dec 12, 2025 at 22:32

Affected Product

Vendor itsourcecode

Product COVID Tracking System

Version 1.0

Affected Versions itsourcecode COVID Tracking System 1.0

CWE Classification

CWE-89 CWE-74

References

{
    "lastseen": "",
    "description": "A vulnerability has been found in itsourcecode COVID Tracking System 1.0. Affected is an unknown function of the file /admin/login.php of the component Admin Login. The manipulation of the argument Username leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.",
    "published": "2025-12-12T22:32:05.904Z",
    "modified": "2025-12-12T22:32:05.904Z",
    "type": "cve",
    "title": "itsourcecode COVID Tracking System Admin Login login.php sql injection",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.336204\nhttps://vuldb.com/?ctiid.336204\nhttps://vuldb.com/?submit.705534\nhttps://github.com/Wegetmore/CVE/issues/1\nhttps://itsourcecode.com/",
    "id": "CVE-2025-14584",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89",
        "CWE-74"
    ],
    "cvelist": null,
    "sourceData": "itsourcecode COVID Tracking System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 6.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "COVID Tracking System",
    "version": "1.0",
    "vendor": "itsourcecode",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

itsourcecode COVID Tracking System Admin Login login.php sql injection_CVE-2025-14584