AI description
CVE-2025-1576 is a vulnerability found in code-projects Real Estate Property Management System version 1.0. The vulnerability exists in the `/ajax_state.php` file and is triggered by manipulating the `StateName` argument, which leads to an SQL injection vulnerability. This vulnerability can be exploited remotely. This SQL injection vulnerability allows attackers to inject malicious SQL code into the application through the `StateName` parameter when interacting with the `/ajax_state.php` file. As of today, February 24, 2025, the exploit for this vulnerability has been publicly disclosed and could potentially be used by malicious actors. It's important to note that this information is current as of today's date and may change as new information becomes available.
- Description
- A vulnerability classified as critical was found in code-projects Real Estate Property Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax_state.php. The manipulation of the argument StateName as part of String leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
- Source
- cna@vuldb.com
- NVD status
- Analyzed
CVSS 4.0
- Type
- Secondary
- Base score
- 5.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- MEDIUM
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Secondary
- Base score
- 6.5
- Impact score
- 6.4
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:P/A:P
- Hype score
- Not currently trending
CVE-2025-1576 02/23/2025 05:15:11 AM BaseSeverity: MEDIUM A vulnerability classified as critical was found in code-projects Real Estate Property Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax_state... https://t.co/8ruDNxfgez
@CVETracker
23 Feb 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-1576 A vulnerability classified as critical was found in code-projects Real Estate Property Management System 1.0. Affected by this vulnerability is an unknown functionality… https://t.co/MwTn4VcLhh
@CVEnew
23 Feb 2025
929 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fabianros:real_estate_property_management_system:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F8974B5B-08CE-4EDC-8B76-7074DD336CE2"
}
],
"operator": "OR"
}
]
}
]