CVE Details
Basic Information
| Title | SourceCodester PHP Display Username After Login login.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-05-31T05:00:08.430Z |
| Last Seen |
Product Information
| Vendor | SourceCodester |
|---|---|
| Product | PHP Display Username After Login |
| Version | 1.0 |
CVSS Information
| Base Score | 6.9 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A critical SQL injection vulnerability exists in the login.php file of SourceCodester PHP Display Username After Login 1.0. The ‘Username’ parameter is vulnerable, allowing remote attackers to execute arbitrary SQL commands. The exploit is publicly disclosed and may be actively used. |
|---|---|
| AI Severity | High |
| Vendor | SourceCodester |
| Product | PHP Display Username After Login |
| Affected Version | 1.0 |
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-89, CWE-74 |
| Bulletin Family | |
| Source Data | SourceCodester PHP Display Username After Login 1.0 |
Source Information
| Source Data | SourceCodester PHP Display Username After Login 1.0 |
|---|---|
| Source Link |
Description
A vulnerability classified as critical has been found in SourceCodester PHP Display Username After Login 1.0. Affected is an unknown function of the file /login.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Score Summary
Base Score: 6.9 (MEDIUM)