- Description
- A vulnerability, which was classified as critical, has been found in 1000 Projects Bookstore Management System 1.0. Affected by this issue is some unknown functionality of the file addtocart.php. The manipulation of the argument bcid leads to SQL injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
- Source
- cna@vuldb.com
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 5.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- MEDIUM
CVSS 3.1
- Type
- Secondary
- Base score
- 6.3
- Impact score
- 3.4
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
- Severity
- MEDIUM
CVSS 2.0
- Type
- Secondary
- Base score
- 6.5
- Impact score
- 6.4
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:P/A:P
- cna@vuldb.com
- CWE-74
- Hype score
- Not currently trending
🚨 CVE-2025-1172 🟠 MEDIUM (6.3) 🏢 1000 Projects - Bookstore Management System 🏗️ 1.0 🔗 https://t.co/pnUzKdrApW 🔗 https://t.co/w0lKcuxPqV 🔗 https://t.co/7gUEVHnljZ 🔗 https://t.co/2Ndjd2pBHt 🔗 https://t.co/83DYkjAmHA #CyberCron #VulnAlert https://t.co/4raLBhCaeb
@cybercronai
12 Feb 2025
CVE-2025-1172 SQL Injection in 1000 Projects Bookstore Management System 1.0 via addtocart.php https://t.co/gUpYIcAR64
@VulmonFeeds
11 Feb 2025
CVE-2025-1172 A vulnerability, which was classified as critical, has been found in 1000 Projects Bookstore Management System 1.0. Affected by this issue is some unknown functionality… https://t.co/JwlkaSmF2g
@CVEnew
11 Feb 2025