CNNVD-202510-3501 Information
CNNVD ID
CNNVD-202510-3501
Related CVE
- CNNVD Published: 2025-10-27
Description (Chinese)
Code-Projects Nero Social Networking Site是Code-Projects开源的一个社交网站。 Code-Projects Nero Social Networking Site 1.0版本存在SQL注入漏洞,该漏洞源于对文件/addfriend.php中参数ID的错误操作,可能导致SQL注入攻击。
Description (English)
Code-Projects Nero Social Networking Site is a social networking site open to Code-Projects. The Code-Projects Nero Social Networking Site 1.0 contains an injection loophole in SQL, which stems from an error in the operation of parameter ID in document/addfriend.php, which may result in an attack on SQL injection.
Hazard Level
Medium
Vulnerability Type
SQL注入
Affected Vendor
Code-Projects
Published
2025-10-27
Last Modified
2026-02-24
References
https://vuldb.com/?submit.676808 https://code-projects.org/ https://github.com/yuan466/CVE/blob/main/two/report.md https://vuldb.com/?id.329979 https://vuldb.com/?ctiid.329979 https://access.redhat.com/security/cve/cve-2025-12307
Share on: