exploitDog

CVE-2025-45885

Опубликовано: 09 мая 2025

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

PHPGURUKUL Vehicle Parking Management System v1.13 is vulnerable to SQL injection in the /vpms/users/login.php file. Attackers can inject malicious code from the parameter 'emailcont' and use it directly in SQL queries.

Ссылки

https://github.com/lintian31/vpm-system/blob/main/Vehicle%20parking%20Management%20System.md
Exploit
Third Party Advisory
https://github.com/lintian31/vpm-system/blob/main/Vehicle%20parking%20Management%20System.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:phpgurukul:vehicle_parking_management_system:1.13:*:*:*:*:*:*:*

EPSS

Процентиль: 26%

0.00089

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-89

Связанные уязвимости

GHSA-cfhv-gvm8-4fxv

CVSS3: 9.8

github

9 месяцев назад

PHPGURUKUL Vehicle Parking Management System v1.13 is vulnerable to SQL injection in the /vpms/users/login.php file. Attackers can inject malicious code from the parameter 'emailcont' and use it directly in SQL queries.

EPSS

Процентиль: 26%

0.00089

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-89