Description
A weakness has been identified in code-projects College Notes Uploading System 1.0. This issue affects some unknown processing of the file /login.php. Executing manipulation of the argument User can lead to sql injection. The attack may be launched remotely. The exploit has been made available to the public and could be exploited.
References
Product
https://github.com/Limingqian123/CVE/issues/10
ExploitIssue TrackingThird Party Advisory
https://vuldb.com/?ctiid.338585
Permissions RequiredVDB Entry
Third Party AdvisoryVDB Entry
https://vuldb.com/?submit.724724
Third Party AdvisoryVDB Entry
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.3 · High
Information
Source identifier
Vulnerability status
Analyzed
Published
2025-12-29T18:15:42.333Z
3 weeks agoLast modified
2026-01-05T21:45:15.780Z
2 weeks ago