ГлавнаяУязвимости → CVE-2025-13277
7.3высокая

CVE-2025-13277

Описание

A flaw has been found in code-projects Nero Social Networking Site 1.0. This issue affects some unknown processing of the file /friendsphoto.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used.

Затрагиваемое ПО
Fabian Nero social networking site
CVSS
Балл7.3 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Источники
https://code-projects.org/https://github.com/daojian1/Nero-Social-Networking-Site-V1.0_004https://vuldb.com/?ctiid.332612https://vuldb.com/?id.332612https://vuldb.com/?submit.690140