ГлавнаяУязвимости → CVE-2025-13235
7.3высокая

CVE-2025-13235

Описание

A vulnerability was determined in itsourcecode Inventory Management System 1.0. This affects an unknown function of the file /admin/login.php. Executing manipulation of the argument user_email can lead to sql injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized.

Затрагиваемое ПО
Janobe Inventory management system
CVSS
Балл7.3 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Источники
https://github.com/52914/cve/issues/1https://itsourcecode.com/https://vuldb.com/?ctiid.332561https://vuldb.com/?id.332561https://vuldb.com/?submit.686701