{"id":7388,"date":"2025-06-30T02:27:24","date_gmt":"2025-06-30T02:27:24","guid":{"rendered":"http:\/\/localhost\/?p=7388"},"modified":"2025-06-30T02:27:24","modified_gmt":"2025-06-30T02:27:24","slug":"code-projects-inventory-management-system-createuserphp-sql-injection","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=7388","title":{"rendered":"code-projects Inventory Management System createUser.php sql injection"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\ncode-projects Inventory Management System createUser.php sql injection<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-06-30T06:32:05.341Z<\/td>\n<\/tr>\n
Last Seen<\/th>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\ncode-projects<\/td>\n<\/tr>\n
Product<\/th>\nInventory Management System<\/td>\n<\/tr>\n
Version<\/th>\n1.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n\n\n\n
Base Score<\/th>\n6.9 (MEDIUM)<\/td>\n<\/tr>\n
Attack Vector<\/th>\nCVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:N\/UI:N\/VC:L\/VI:L\/VA:L\/SC:N\/SI:N\/SA:N\/E:P<\/td>\n<\/tr>\n
Confidentiality Impact<\/th>\n<\/td>\n<\/tr>\n
Integrity Impact<\/th>\n<\/td>\n<\/tr>\n
Availability Impact<\/th>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nA SQL injection vulnerability exists in the createUser.php file of the Inventory Management System. This allows remote attackers to inject malicious SQL code, potentially leading to unauthorized data access or modification. The vulnerability has been publicly disclosed and could be exploited by remote attackers.<\/td>\n<\/tr>\n
AI Severity<\/th>\nHigh<\/td>\n<\/tr>\n
Vendor<\/th>\ncode-projects<\/td>\n<\/tr>\n
Product<\/th>\nInventory Management System<\/td>\n<\/tr>\n
Affected Version<\/th>\n1.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n