CVE Details
Basic Information
| Title | code-projects Wazifa System postpublish.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-08-01T06:32:05.721Z |
| Modified | 2025-08-01T06:32:05.721Z |
Product Information
| Vendor | code-projects |
|---|---|
| Product | Wazifa System |
| Version | 1.0 |
CVSS Information
| Base Score | 6.9 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P |
AI Analysis
| AI Description | A SQL injection vulnerability was found in Wazifa System 1.0, affecting the postpublish.php file. This vulnerability allows remote attackers to inject malicious SQL code, potentially leading to data breaches or system compromise. The issue has been publicly disclosed and could be exploited by malicious actors. |
|---|---|
| AI Severity | Medium |
| AI Vendor | code-projects |
| AI Product | Wazifa System |
| AI Version | 1.0 |
Affected Products
- code-projects Wazifa System 1.0
Additional Information
| CWE List | CWE-89, CWE-74 |
|---|---|
| Source | VulDB |
Description
A vulnerability classified as critical was found in code-projects Wazifa System 1.0. This vulnerability affects unknown code of the file /controllers/postpublish.php. The manipulation of the argument post leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.