CVE Details
Basic Information
| Title | code-projects Simple Chat System register.php sql injection |
|---|---|
| Type | cve |
| Published | 2024-05-16T09:31:04.488Z |
| Modified | 2024-08-01T20:55:10.387Z |
Product Information
| Vendor | code-projects |
|---|---|
| Product | Simple Chat System |
| Version | 1.0 |
CVSS Information
| Base Score | 5.3 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
AI Analysis
| AI Description | This vulnerability allows attackers to inject malicious SQL code into the Simple Chat System via the register.php file. This could enable unauthorized access to or manipulation of the database. The vulnerability is exploitable remotely and has been publicly disclosed. |
|---|---|
| AI Severity | Medium |
| AI Vendor | code-projects |
| AI Product | Simple Chat System |
| AI Version | 1.0 |
Affected Products
- code-projects Simple Chat System 1.0
Additional Information
| CWE List | CWE-89 |
|---|---|
| Source | VulDB |
Description
A vulnerability classified as critical was found in code-projects Simple Chat System 1.0. This vulnerability affects unknown code of the file /register.php. The manipulation of the argument name/number/address leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-264538 is the identifier assigned to this vulnerability.