Skip to content

Commit 563b1f6

Browse files
author
cvelistV5 Github Action
committed
1 changes (1 new | 0 updated):
 - 1 new CVEs: CVE-2025-0200 - 0 updated CVEs:
1 parent ca0df9a commit 563b1f6

File tree

3 files changed

+184
-33
lines changed

3 files changed

+184
-33
lines changed

cves/2025/0xxx/CVE-2025-0200.json

Lines changed: 161 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,161 @@
1+
{
2+
"dataType": "CVE_RECORD",
3+
"dataVersion": "5.1",
4+
"cveMetadata": {
5+
"cveId": "CVE-2025-0200",
6+
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
7+
"state": "PUBLISHED",
8+
"assignerShortName": "VulDB",
9+
"dateReserved": "2025-01-03T10:46:36.068Z",
10+
"datePublished": "2025-01-04T03:00:16.975Z",
11+
"dateUpdated": "2025-01-04T03:00:16.975Z"
12+
},
13+
"containers": {
14+
"cna": {
15+
"providerMetadata": {
16+
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
17+
"shortName": "VulDB",
18+
"dateUpdated": "2025-01-04T03:00:16.975Z"
19+
},
20+
"title": "code-projects Point of Sales and Inventory Management System search_num.php sql injection",
21+
"problemTypes": [
22+
{
23+
"descriptions": [
24+
{
25+
"type": "CWE",
26+
"cweId": "CWE-89",
27+
"lang": "en",
28+
"description": "SQL Injection"
29+
}
30+
]
31+
},
32+
{
33+
"descriptions": [
34+
{
35+
"type": "CWE",
36+
"cweId": "CWE-74",
37+
"lang": "en",
38+
"description": "Injection"
39+
}
40+
]
41+
}
42+
],
43+
"affected": [
44+
{
45+
"vendor": "code-projects",
46+
"product": "Point of Sales and Inventory Management System",
47+
"versions": [
48+
{
49+
"version": "1.0",
50+
"status": "affected"
51+
}
52+
]
53+
}
54+
],
55+
"descriptions": [
56+
{
57+
"lang": "en",
58+
"value": "A vulnerability has been found in code-projects Point of Sales and Inventory Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /user/search_num.php. The manipulation of the argument search leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
59+
},
60+
{
61+
"lang": "de",
62+
"value": "In code-projects Point of Sales and Inventory Management System 1.0 wurde eine Schwachstelle gefunden. Sie wurde als kritisch eingestuft. Betroffen ist eine unbekannte Verarbeitung der Datei /user/search_num.php. Dank Manipulation des Arguments search mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung."
63+
}
64+
],
65+
"metrics": [
66+
{
67+
"cvssV4_0": {
68+
"version": "4.0",
69+
"baseScore": 5.3,
70+
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
71+
"baseSeverity": "MEDIUM"
72+
}
73+
},
74+
{
75+
"cvssV3_1": {
76+
"version": "3.1",
77+
"baseScore": 6.3,
78+
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
79+
"baseSeverity": "MEDIUM"
80+
}
81+
},
82+
{
83+
"cvssV3_0": {
84+
"version": "3.0",
85+
"baseScore": 6.3,
86+
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
87+
"baseSeverity": "MEDIUM"
88+
}
89+
},
90+
{
91+
"cvssV2_0": {
92+
"version": "2.0",
93+
"baseScore": 6.5,
94+
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
95+
}
96+
}
97+
],
98+
"timeline": [
99+
{
100+
"time": "2025-01-03T00:00:00.000Z",
101+
"lang": "en",
102+
"value": "Advisory disclosed"
103+
},
104+
{
105+
"time": "2025-01-03T01:00:00.000Z",
106+
"lang": "en",
107+
"value": "VulDB entry created"
108+
},
109+
{
110+
"time": "2025-01-03T11:51:51.000Z",
111+
"lang": "en",
112+
"value": "VulDB entry last update"
113+
}
114+
],
115+
"credits": [
116+
{
117+
"lang": "en",
118+
"value": "masamune (VulDB User)",
119+
"type": "reporter"
120+
}
121+
],
122+
"references": [
123+
{
124+
"url": "https://vuldb.com/?id.290137",
125+
"name": "VDB-290137 | code-projects Point of Sales and Inventory Management System search_num.php sql injection",
126+
"tags": [
127+
"vdb-entry",
128+
"technical-description"
129+
]
130+
},
131+
{
132+
"url": "https://vuldb.com/?ctiid.290137",
133+
"name": "VDB-290137 | CTI Indicators (IOB, IOC, TTP, IOA)",
134+
"tags": [
135+
"signature",
136+
"permissions-required"
137+
]
138+
},
139+
{
140+
"url": "https://vuldb.com/?submit.473386",
141+
"name": "Submit #473386 | code-projects POS(point of sales) and Inventory System 1.0 SQL Injection",
142+
"tags": [
143+
"third-party-advisory"
144+
]
145+
},
146+
{
147+
"url": "https://gist.github.com/Masamuneee/f238db57d8b1947d000cadf634a8387e",
148+
"tags": [
149+
"exploit"
150+
]
151+
},
152+
{
153+
"url": "https://code-projects.org/",
154+
"tags": [
155+
"product"
156+
]
157+
}
158+
]
159+
}
160+
}
161+
}

cves/delta.json

Lines changed: 9 additions & 33 deletions
Original file line numberDiff line numberDiff line change
@@ -1,38 +1,14 @@
11
{
2-
"fetchTime": "2025-01-04T02:29:44.692Z",
3-
"numberOfChanges": 5,
4-
"new": [],
5-
"updated": [
6-
{
7-
"cveId": "CVE-2025-22386",
8-
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2025-22386",
9-
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2025/22xxx/CVE-2025-22386.json",
10-
"dateUpdated": "2025-01-04T02:04:58.516Z"
11-
},
12-
{
13-
"cveId": "CVE-2025-22387",
14-
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2025-22387",
15-
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2025/22xxx/CVE-2025-22387.json",
16-
"dateUpdated": "2025-01-04T02:06:18.617Z"
17-
},
18-
{
19-
"cveId": "CVE-2025-22388",
20-
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2025-22388",
21-
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2025/22xxx/CVE-2025-22388.json",
22-
"dateUpdated": "2025-01-04T02:06:49.019Z"
23-
},
24-
{
25-
"cveId": "CVE-2025-22389",
26-
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2025-22389",
27-
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2025/22xxx/CVE-2025-22389.json",
28-
"dateUpdated": "2025-01-04T02:09:16.461Z"
29-
},
30-
{
31-
"cveId": "CVE-2025-22390",
32-
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2025-22390",
33-
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2025/22xxx/CVE-2025-22390.json",
34-
"dateUpdated": "2025-01-04T02:11:01.919Z"
2+
"fetchTime": "2025-01-04T03:01:31.471Z",
3+
"numberOfChanges": 1,
4+
"new": [
5+
{
6+
"cveId": "CVE-2025-0200",
7+
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2025-0200",
8+
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2025/0xxx/CVE-2025-0200.json",
9+
"dateUpdated": "2025-01-04T03:00:16.975Z"
3510
}
3611
],
12+
"updated": [],
3713
"error": []
3814
}

cves/deltaLog.json

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,18 @@
11
[
2+
{
3+
"fetchTime": "2025-01-04T03:01:31.471Z",
4+
"numberOfChanges": 1,
5+
"new": [
6+
{
7+
"cveId": "CVE-2025-0200",
8+
"cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2025-0200",
9+
"githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2025/0xxx/CVE-2025-0200.json",
10+
"dateUpdated": "2025-01-04T03:00:16.975Z"
11+
}
12+
],
13+
"updated": [],
14+
"error": []
15+
},
216
{
317
"fetchTime": "2025-01-04T02:29:44.692Z",
418
"numberOfChanges": 5,

0 commit comments

Comments
 (0)