Description
A vulnerability was identified in code-projects Assessment Management 1.0. This affects an unknown part of the file login.php. Such manipulation of the argument userid leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used.
References
Product
https://github.com/Limingqian123/CVE/issues/4
ExploitIssue TrackingThird Party Advisory
https://vuldb.com/?ctiid.338583
Permissions RequiredVDB Entry
Third Party AdvisoryVDB Entry
https://vuldb.com/?submit.724718
Third Party AdvisoryVDB Entry
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.3 · High
Information
Source identifier
Vulnerability status
Analyzed
Published
2025-12-29T17:15:44.520Z
2 weeks agoLast modified
2026-01-07T20:48:57.847Z
1 week ago