CVE Details
Basic Information
| Title | code-projects Crime Reporting System userlogin.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-07-08T07:32:05.769Z |
| Modified | 2025-07-08T07:32:05.769Z |
Product Information
| Vendor | code-projects |
|---|---|
| Product | Crime Reporting System |
| Version | 1.0 |
CVSS Information
| Base Score | 6.9 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P |
AI Analysis
| AI Description | A SQL injection vulnerability exists in the Crime Reporting System 1.0. This issue affects the ’email’ argument in userlogin.php, allowing remote attackers to inject malicious SQL code, potentially leading to unauthorized data access and system manipulation. |
|---|---|
| AI Severity | Medium |
| AI Vendor | code-projects |
| AI Product | Crime Reporting System |
| AI Version | 1.0 |
Affected Products
- code-projects Crime Reporting System 1.0
Additional Information
| CWE List | CWE-89, CWE-74 |
|---|---|
| Source | VulDB |
Description
A vulnerability was found in code-projects Crime Reporting System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /userlogin.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.