Search
Find a vulnerability
Search criteria
4 vulnerabilities found for Library Management System by 1000 Projects
CVE-2024-12188 (GCVE-0-2024-12188)
Vulnerability from nvd – Published: 2024-12-05 00:00 – Updated: 2024-12-05 15:34
VLAI
Title
1000 Projects Library Management System stu.php sql injection
Summary
A vulnerability was found in 1000 Projects Library Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /brains/stu.php. The manipulation of the argument useri leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.286909 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.286909 | signaturepermissions-required |
| https://vuldb.com/?submit.455061 | third-party-advisory |
| https://github.com/SkGoing/CVE-repo_00/issues/4 | exploitissue-tracking |
| https://1000projects.org/ | product |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| 1000 Projects | Library Management System |
Affected:
1.0
|
|
| 1000projects | library_management_system |
Affected:
1.0
cpe:2.3:a:1000projects:library_management_system:1.0:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:1000projects:library_management_system:1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "library_management_system",
"vendor": "1000projects",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12188",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T15:34:02.245690Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T15:34:24.487Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Library Management System",
"vendor": "1000 Projects",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "SkGoing (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in 1000 Projects Library Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /brains/stu.php. The manipulation of the argument useri leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "de",
"value": "In 1000 Projects Library Management System 1.0 wurde eine kritische Schwachstelle ausgemacht. Hierbei betrifft es unbekannten Programmcode der Datei /brains/stu.php. Durch das Manipulieren des Arguments useri mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "SQL Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T00:00:18.278Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-286909 | 1000 Projects Library Management System stu.php sql injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.286909"
},
{
"name": "VDB-286909 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.286909"
},
{
"name": "Submit #455061 | 1000 Projects Library Management System BCA 4th Semester Minor Project using SQL and PHP 1.0 SQL Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.455061"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/SkGoing/CVE-repo_00/issues/4"
},
{
"tags": [
"product"
],
"url": "https://1000projects.org/"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-12-04T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-12-04T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-12-04T17:46:59.000Z",
"value": "VulDB entry last update"
}
],
"title": "1000 Projects Library Management System stu.php sql injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-12188",
"datePublished": "2024-12-05T00:00:18.278Z",
"dateReserved": "2024-12-04T16:41:52.170Z",
"dateUpdated": "2024-12-05T15:34:24.487Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-12187 (GCVE-0-2024-12187)
Vulnerability from nvd – Published: 2024-12-05 00:00 – Updated: 2024-12-05 15:33
VLAI
Title
1000 Projects Library Management System showbook.php sql injection
Summary
A vulnerability was found in 1000 Projects Library Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /showbook.php. The manipulation of the argument q leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.286908 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.286908 | signaturepermissions-required |
| https://vuldb.com/?submit.455058 | third-party-advisory |
| https://github.com/PunyHunter/CVE/issues/1 | exploitissue-tracking |
| https://1000projects.org/ | product |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| 1000 Projects | Library Management System |
Affected:
1.0
|
|
| 1000projects | library_management_system |
Affected:
1.0
cpe:2.3:a:1000projects:library_management_system:1.0:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:1000projects:library_management_system:1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "library_management_system",
"vendor": "1000projects",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12187",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T15:31:42.075386Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T15:33:41.534Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Library Management System",
"vendor": "1000 Projects",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "punnyhunter (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in 1000 Projects Library Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /showbook.php. The manipulation of the argument q leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "de",
"value": "Es wurde eine kritische Schwachstelle in 1000 Projects Library Management System 1.0 ausgemacht. Dabei betrifft es einen unbekannter Codeteil der Datei /showbook.php. Mittels Manipulieren des Arguments q mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "SQL Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T00:00:16.351Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-286908 | 1000 Projects Library Management System showbook.php sql injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.286908"
},
{
"name": "VDB-286908 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.286908"
},
{
"name": "Submit #455058 | 1000 Projects Library Management System BCA 4th Semester Minor Project using SQL and PHP V1.0 SQL Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.455058"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/PunyHunter/CVE/issues/1"
},
{
"tags": [
"product"
],
"url": "https://1000projects.org/"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-12-04T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-12-04T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-12-04T17:46:57.000Z",
"value": "VulDB entry last update"
}
],
"title": "1000 Projects Library Management System showbook.php sql injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-12187",
"datePublished": "2024-12-05T00:00:16.351Z",
"dateReserved": "2024-12-04T16:41:49.442Z",
"dateUpdated": "2024-12-05T15:33:41.534Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-12188 (GCVE-0-2024-12188)
Vulnerability from cvelistv5 – Published: 2024-12-05 00:00 – Updated: 2024-12-05 15:34
VLAI
Title
1000 Projects Library Management System stu.php sql injection
Summary
A vulnerability was found in 1000 Projects Library Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /brains/stu.php. The manipulation of the argument useri leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.286909 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.286909 | signaturepermissions-required |
| https://vuldb.com/?submit.455061 | third-party-advisory |
| https://github.com/SkGoing/CVE-repo_00/issues/4 | exploitissue-tracking |
| https://1000projects.org/ | product |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| 1000 Projects | Library Management System |
Affected:
1.0
|
|
| 1000projects | library_management_system |
Affected:
1.0
cpe:2.3:a:1000projects:library_management_system:1.0:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:1000projects:library_management_system:1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "library_management_system",
"vendor": "1000projects",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12188",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T15:34:02.245690Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T15:34:24.487Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Library Management System",
"vendor": "1000 Projects",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "SkGoing (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in 1000 Projects Library Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /brains/stu.php. The manipulation of the argument useri leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "de",
"value": "In 1000 Projects Library Management System 1.0 wurde eine kritische Schwachstelle ausgemacht. Hierbei betrifft es unbekannten Programmcode der Datei /brains/stu.php. Durch das Manipulieren des Arguments useri mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "SQL Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T00:00:18.278Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-286909 | 1000 Projects Library Management System stu.php sql injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.286909"
},
{
"name": "VDB-286909 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.286909"
},
{
"name": "Submit #455061 | 1000 Projects Library Management System BCA 4th Semester Minor Project using SQL and PHP 1.0 SQL Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.455061"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/SkGoing/CVE-repo_00/issues/4"
},
{
"tags": [
"product"
],
"url": "https://1000projects.org/"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-12-04T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-12-04T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-12-04T17:46:59.000Z",
"value": "VulDB entry last update"
}
],
"title": "1000 Projects Library Management System stu.php sql injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-12188",
"datePublished": "2024-12-05T00:00:18.278Z",
"dateReserved": "2024-12-04T16:41:52.170Z",
"dateUpdated": "2024-12-05T15:34:24.487Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-12187 (GCVE-0-2024-12187)
Vulnerability from cvelistv5 – Published: 2024-12-05 00:00 – Updated: 2024-12-05 15:33
VLAI
Title
1000 Projects Library Management System showbook.php sql injection
Summary
A vulnerability was found in 1000 Projects Library Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /showbook.php. The manipulation of the argument q leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.286908 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.286908 | signaturepermissions-required |
| https://vuldb.com/?submit.455058 | third-party-advisory |
| https://github.com/PunyHunter/CVE/issues/1 | exploitissue-tracking |
| https://1000projects.org/ | product |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| 1000 Projects | Library Management System |
Affected:
1.0
|
|
| 1000projects | library_management_system |
Affected:
1.0
cpe:2.3:a:1000projects:library_management_system:1.0:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:1000projects:library_management_system:1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "library_management_system",
"vendor": "1000projects",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12187",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T15:31:42.075386Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T15:33:41.534Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Library Management System",
"vendor": "1000 Projects",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "punnyhunter (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in 1000 Projects Library Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /showbook.php. The manipulation of the argument q leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "de",
"value": "Es wurde eine kritische Schwachstelle in 1000 Projects Library Management System 1.0 ausgemacht. Dabei betrifft es einen unbekannter Codeteil der Datei /showbook.php. Mittels Manipulieren des Arguments q mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "SQL Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T00:00:16.351Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-286908 | 1000 Projects Library Management System showbook.php sql injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.286908"
},
{
"name": "VDB-286908 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.286908"
},
{
"name": "Submit #455058 | 1000 Projects Library Management System BCA 4th Semester Minor Project using SQL and PHP V1.0 SQL Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.455058"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/PunyHunter/CVE/issues/1"
},
{
"tags": [
"product"
],
"url": "https://1000projects.org/"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-12-04T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-12-04T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-12-04T17:46:57.000Z",
"value": "VulDB entry last update"
}
],
"title": "1000 Projects Library Management System showbook.php sql injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-12187",
"datePublished": "2024-12-05T00:00:16.351Z",
"dateReserved": "2024-12-04T16:41:49.442Z",
"dateUpdated": "2024-12-05T15:33:41.534Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}