code-projects Refugee Food Management System 1.0 refugeesreport2.php a SQL injection

A vulnerability classified as critical was found in code-projects Refugee Food Management System 1.0. Affected is an unknown function of the file /home/refugeesreport2.php. Manipulation of the argument a results in SQL injection. Using CWE to identify the issue leads to CWE-89. The weakness was published on 12/28/2025. The advisory is shared for download at github.com. This vulnerability is tracked as CVE-2025-15184. The attack can be launched remotely. The attack must be carried out within the local network. Technical details are available. Furthermore, an exploit is available. The exploit has been disclosed to the public and may be used. The current price for an exploit is approximately USD $0-$5k. The MITRE ATT&CK project lists the attack technique as T1505. It is declared as proof-of-concept. The exploit is shared for download at github.com. As a 0-day, the estimated underground price was around $0-$5k.

4 changes · 98 data points

| Field | Created 12/28/2025 09:39 | Update 1/3 12/29/2025 12:29 | Update 2/3 12/29/2025 13:27 | Update 3/3 12/31/2025 07:09 |
|---|---|---|---|---|
| cvss3_vuldb_ac | L | L | L | L |
| cvss3_vuldb_pr | N | N | N | N |
| cvss3_vuldb_ui | N | N | N | N |
| cvss3_vuldb_s | U | U | U | U |
| cvss3_vuldb_c | L | L | L | L |
| cvss3_vuldb_i | L | L | L | L |
| cvss3_vuldb_a | L | L | L | L |
| cvss3_vuldb_e | P | P | P | P |
| cvss3_vuldb_rc | R | R | R | R |
| advisory_url | https://github.com/ctg503/CVE/issues/4 | https://github.com/ctg503/CVE/issues/4 | https://github.com/ctg503/CVE/issues/4 | https://github.com/ctg503/CVE/issues/4 |
| exploit_availability | 1 | 1 | 1 | 1 |
| exploit_publicity | 1 | 1 | 1 | 1 |
| exploit_url | https://github.com/ctg503/CVE/issues/4 | https://github.com/ctg503/CVE/issues/4 | https://github.com/ctg503/CVE/issues/4 | https://github.com/ctg503/CVE/issues/4 |
| source_cve | CVE-2025-15184 | CVE-2025-15184 | CVE-2025-15184 | CVE-2025-15184 |
| cna_responsible | VulDB | VulDB | VulDB | VulDB |
| software_type | Project Management Software | Project Management Software | Project Management Software | Project Management Software |
| cvss2_vuldb_av | N | N | N | N |
| cvss2_vuldb_ac | L | L | L | L |
| cvss2_vuldb_au | N | N | N | N |
| cvss2_vuldb_ci | P | P | P | P |
| cvss2_vuldb_ii | P | P | P | P |
| cvss2_vuldb_ai | P | P | P | P |
| cvss2_vuldb_e | POC | POC | POC | POC |
| cvss2_vuldb_rc | UR | UR | UR | UR |
| cvss4_vuldb_av | N | N | N | N |
| cvss4_vuldb_ac | L | L | L | L |
| cvss4_vuldb_pr | N | N | N | N |
| cvss4_vuldb_ui | N | N | N | N |
| cvss4_vuldb_vc | L | L | L | L |
| cvss4_vuldb_vi | L | L | L | L |
| cvss4_vuldb_va | L | L | L | L |
| cvss4_vuldb_e | P | P | P | P |
| cvss2_vuldb_rl | ND | ND | ND | ND |
| cvss3_vuldb_rl | X | X | X | X |
| cvss4_vuldb_at | N | N | N | N |
| cvss4_vuldb_sc | N | N | N | N |
| cvss4_vuldb_si | N | N | N | N |
| cvss4_vuldb_sa | N | N | N | N |
| cvss2_vuldb_basescore | 7.5 | 7.5 | 7.5 | 7.5 |
| cvss2_vuldb_tempscore | 6.4 | 6.4 | 6.4 | 6.4 |
| cvss3_vuldb_basescore | 7.3 | 7.3 | 7.3 | 7.3 |
| cvss3_vuldb_tempscore | 6.6 | 6.6 | 6.6 | 6.6 |
| cvss3_meta_basescore | 7.3 | 7.3 | 7.3 | 8.1 |
| cvss3_meta_tempscore | 6.6 | 6.9 | 6.9 | 7.9 |
| cvss4_vuldb_bscore | 6.9 | 6.9 | 6.9 | 6.9 |
| cvss4_vuldb_btscore | 5.5 | 5.5 | 5.5 | 5.5 |
| advisory_date | 1766876400 (12/28/2025) | 1766876400 (12/28/2025) | 1766876400 (12/28/2025) | 1766876400 (12/28/2025) |
| price_0day | $0-$5k | $0-$5k | $0-$5k | $0-$5k |
| software_vendor | code-projects | code-projects | code-projects | code-projects |
| software_name | Refugee Food Management System | Refugee Food Management System | Refugee Food Management System | Refugee Food Management System |
| software_version | 1.0 | 1.0 | 1.0 | 1.0 |
| software_file | /home/refugeesreport2.php | /home/refugeesreport2.php | /home/refugeesreport2.php | /home/refugeesreport2.php |
| software_argument | a | a | a | a |
| vulnerability_cwe | CWE-89 (SQL injection) | CWE-89 (SQL injection) | CWE-89 (SQL injection) | CWE-89 (SQL injection) |
| vulnerability_risk | 2 | 2 | 2 | 2 |
| cvss3_vuldb_av | N | N | N | N |
| cvss4_cna_vi | | L | L | L |
| cvss4_cna_va | | L | L | L |
| cvss4_cna_sc | | N | N | N |
| cvss4_cna_si | | N | N | N |
| cvss4_cna_sa | | N | N | N |
| cvss4_cna_bscore | | 6.9 | 6.9 | 6.9 |
| cvss3_cna_av | | N | N | N |
| cvss3_cna_ac | | L | L | L |
| cvss3_cna_pr | | N | N | N |
| cvss3_cna_ui | | N | N | N |
| cvss3_cna_s | | U | U | U |
| cvss3_cna_c | | L | L | L |
| cvss3_cna_i | | L | L | L |
| cvss3_cna_a | | L | L | L |
| cvss3_cna_basescore | | 7.3 | 7.3 | 7.3 |
| cvss2_cna_av | | N | N | N |
| cvss2_cna_ac | | L | L | L |
| cvss2_cna_au | | N | N | N |
| cvss2_cna_ci | | P | P | P |
| cvss2_cna_ii | | P | P | P |
| cvss2_cna_ai | | P | P | P |
| cvss2_cna_basescore | | 7.5 | 7.5 | 7.5 |
| cve_nvd_summary | | A vulnerability was detected in code-projects Refugee Food Management System 1.0. Affected is an unknown function of the file /home/refugeesreport2.php. The manipulation of the argument a results in sql injection. The attack may be performed from remote. The exploit is now public and may be used. | A vulnerability was detected in code-projects Refugee Food Management System 1.0. Affected is an unknown function of the file /home/refugeesreport2.php. The manipulation of the argument a results in sql injection. The attack may be performed from remote. The exploit is now public and may be used. | A vulnerability was detected in code-projects Refugee Food Management System 1.0. Affected is an unknown function of the file /home/refugeesreport2.php. The manipulation of the argument a results in sql injection. The attack may be performed from remote. The exploit is now public and may be used. |
| cvss4_cna_av | | N | N | N |
| cvss4_cna_ac | | L | L | L |
| cvss4_cna_at | | N | N | N |
| cvss4_cna_pr | | N | N | N |
| cvss4_cna_ui | | N | N | N |
| cvss4_cna_vc | | L | L | L |
| euvd_id | | | EUVD-2025-205571 | EUVD-2025-205571 |
| cvss3_nvd_av | | | | N |
| cvss3_nvd_ac | | | | L |
| cvss3_nvd_pr | | | | N |
| cvss3_nvd_ui | | | | N |
| cvss3_nvd_s | | | | U |
| cvss3_nvd_c | | | | H |
| cvss3_nvd_i | | | | H |
| cvss3_nvd_a | | | | H |
| cvss3_nvd_basescore | | | | 9.8 |