{"id":7369,"date":"2025-06-29T16:41:56","date_gmt":"2025-06-29T16:41:56","guid":{"rendered":"http:\/\/localhost\/?p=7369"},"modified":"2025-06-29T16:41:56","modified_gmt":"2025-06-29T16:41:56","slug":"sourcecodester-simple-company-website-loginphp-sql-injection","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=7369","title":{"rendered":"SourceCodester Simple Company Website Login.php sql injection"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\nSourceCodester Simple Company Website Login.php sql injection<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-06-29T20:32:05.871Z<\/td>\n<\/tr>\n
Last Seen<\/th>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\nSourceCodester<\/td>\n<\/tr>\n
Product<\/th>\nSimple Company Website<\/td>\n<\/tr>\n
Version<\/th>\n1.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n\n\n\n
Base Score<\/th>\n6.9 (MEDIUM)<\/td>\n<\/tr>\n
Attack Vector<\/th>\nCVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:N\/UI:N\/VC:L\/VI:L\/VA:L\/SC:N\/SI:N\/SA:N\/E:P<\/td>\n<\/tr>\n
Confidentiality Impact<\/th>\n<\/td>\n<\/tr>\n
Integrity Impact<\/th>\n<\/td>\n<\/tr>\n
Availability Impact<\/th>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nA critical SQL injection vulnerability has been identified in SourceCodester’s Simple Company Website version 1.0. This vulnerability allows remote attackers to inject malicious SQL code through the Username argument in the Login.php file, potentially leading to unauthorized database access and data manipulation.<\/td>\n<\/tr>\n
AI Severity<\/th>\nMedium<\/td>\n<\/tr>\n
Vendor<\/th>\nSourceCodester<\/td>\n<\/tr>\n
Product<\/th>\nSimple Company Website<\/td>\n<\/tr>\n
Affected Version<\/th>\n1.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n