CVE Details
Basic Information
| Title | CVE-2025-4889 |
|---|---|
| Type | cve |
| Published | 2025-05-18T18:15:17 |
| Last Seen | 2025-05-18T18:21:19 |
CVSS Information
| Base Score | 5.3 (MEDIUM) |
|---|---|
| Attack Vector | LOCAL |
| Attack Complexity | LOW |
| Privileges Required | LOW |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | LOW |
| Integrity Impact | LOW |
| Availability Impact | LOW |
AI Analysis
| AI Description | A critical vulnerability in the Tourism Management System 1.0 by code-projects allows attackers to execute arbitrary code or cause a denial of service via the User Registration component’s AddUser function. The issue is due to improper input validation and can be exploited by local users with low privileges. No user interaction is required, and the impact includes low confidentiality, integrity, and availability loss. |
|---|---|
| AI Severity | Medium |
| Vendor | code-projects |
| Product | Tourism Management System |
| Affected Version | 1.0 |
Additional Information
| CVE List | CVE-2025-4889 |
|---|---|
| CWE List | CWE-119, CWE-120 |
| Bulletin Family | cve |
Description
A vulnerability has been found in code-projects Tourism Management System 1.0 and classified as critical. This vulnerability affects the function AddUser of the component User Registration. The manipulation…
CVSS Score Summary
Base Score: %!f(string=#) (MEDIUM)