CVE Details
Basic Information
| Title | code-projects Vehicle Management addvehicle.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-07-31T09:02:19.506Z |
| Modified | 2025-07-31T09:02:19.506Z |
Product Information
| Vendor | code-projects |
|---|---|
| Product | Vehicle Management |
| Version | 1.0 |
CVSS Information
| Base Score | 6.9 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P |
AI Analysis
| AI Description | A SQL injection vulnerability exists in the Vehicle Management system by code-projects, specifically affecting the /addvehicle.php file. This allows remote attackers to inject malicious SQL code, potentially leading to unauthorized data access or modification. The issue is considered critical due to the potential impact on data integrity and security. |
|---|---|
| AI Severity | High |
| AI Vendor | code-projects |
| AI Product | Vehicle Management |
| AI Version | 1.0 |
Affected Products
- code-projects Vehicle Management 1.0
Additional Information
| CWE List | CWE-89, CWE-74 |
|---|---|
| Source | VulDB |
Description
A vulnerability was found in code-projects Vehicle Management 1.0. It has been rated as critical. This issue affects some unknown processing of the file /addvehicle.php. The manipulation of the argument vehicle leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.