CVE Details
Basic Information
| Title | code-projects Simple Forum register1.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-06-29T04:31:05.482Z |
| Last Seen |
Product Information
| Vendor | code-projects |
|---|---|
| Product | Simple Forum |
| Version | 1.0 |
CVSS Information
| Base Score | 6.9 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A SQL injection vulnerability in code-projects Simple Forum 1.0 allows remote attackers to inject arbitrary SQL commands via the User argument in register1.php. This could lead to unauthorized data access and modification. The vulnerability has been publicly disclosed and exploit code is available. |
|---|---|
| AI Severity | Medium |
| Vendor | code-projects |
| Product | Simple Forum |
| Affected Version | 1.0 |
Affected Products
- code-projects Simple Forum 1.0
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-89, CWE-74 |
| Bulletin Family |
References
Description
A vulnerability was found in code-projects Simple Forum 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /register1.php. The manipulation of the argument User leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.