MEDIUM🇬🇧 English

CVE-2025-13561

CVSS 5.5v4.0pub. 2025-11-23upd. 2026-04-29

A vulnerability was determined in SourceCodester Company Website CMS 1.0. This vulnerability affects unknown code of the file /admin/index.php. This manipulation of the argument Username causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.

oryginał EN
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Torrahclef Company Website Cms

    APP
    Torrahclef
    1.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
SQLi
CWE
Referencje

Powiązane podatności

CVE-2025-29708CRITICAL9.8PL ✓ten sam produkt

Podatność file upload w SourceCodester Company Website CMS 1.0

CVE-2025-29709CRITICAL9.8PL ✓ten sam produkt

Podatność File Upload w SourceCodester Company Website CMS 1.0

CVE-2025-13560MEDIUM5.5ten sam produkt

A vulnerability was found in SourceCodester Company Website CMS 1.0. This affects an unknown part of the file ...

CVE-2025-29710MEDIUM6.1ten sam produkt

SourceCodester Company Website CMS 1.0 is vulnerable to Cross Site Scripting (XSS) via /dashboard/Services.