ГлавнаяУязвимости → CVE-2025-12307
7.3высокая

CVE-2025-12307

Описание

A vulnerability was identified in code-projects Nero Social Networking Site 1.0. Affected by this vulnerability is an unknown functionality of the file /addfriend.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used.

Затрагиваемое ПО
Fabian Nero social networking site
CVSS
Балл7.3 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Источники
https://code-projects.org/https://github.com/yuan466/CVE/blob/main/two/report.mdhttps://vuldb.com/?ctiid.329979https://vuldb.com/?id.329979https://vuldb.com/?submit.676808