CVE Details
Basic Information
| Title | code-projects Library System notapprove.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-07-08T22:32:05.849Z |
| Modified | 2025-07-08T22:32:05.849Z |
Product Information
| Vendor | code-projects |
|---|---|
| Product | Library System |
| Version | 1.0 |
CVSS Information
| Base Score | 6.9 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P |
AI Analysis
| AI Description | A SQL injection vulnerability was discovered in code-projects Library System 1.0, specifically in the notapprove.php file. This vulnerability allows remote attackers to inject malicious SQL code via the ID argument, potentially leading to unauthorized data access or modification. |
|---|---|
| AI Severity | Medium |
| AI Vendor | code-projects |
| AI Product | Library System |
| AI Version | 1.0 |
Affected Products
- code-projects Library System 1.0
Additional Information
| CWE List | CWE-89, CWE-74 |
|---|---|
| Source | VulDB |
Description
A vulnerability, which was classified as critical, has been found in code-projects Library System 1.0. This issue affects some unknown processing of the file /notapprove.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.