code-projects Wedding Reservation global.php sql injection

July 14, 2025 invoker category_cve

CVE Details

Basic Information

Title code-projects Wedding Reservation global.php sql injection
Type cve
Published 2025-07-14T14:14:05.635Z
Modified 2025-07-14T14:14:05.635Z

Product Information

Vendor code-projects
Product Wedding Reservation
Version 1.0

CVSS Information

Base Score 6.9 (MEDIUM)
Attack Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

AI Analysis

AI Description A SQL injection vulnerability in Wedding Reservation 1.0’s global.php allows remote attackers to inject malicious SQL code, potentially leading to unauthorized data access and system compromise.
AI Severity High
AI Vendor code-projects
AI Product Wedding Reservation
AI Version 1.0

Affected Products

  • code-projects Wedding Reservation 1.0

Additional Information

CWE List CWE-89, CWE-74
Source VulDB

Description

A vulnerability was found in code-projects Wedding Reservation 1.0. It has been classified as critical. This affects an unknown part of the file /global.php. The manipulation of the argument lu leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.