CVE-2025-1173 Information

Description

A vulnerability which was classified as critical was found in 1000 Projects Bookstore Management System 1.0. This affects an unknown part of the file process_users_del.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

Reference

https://1000projects.org/ https://github.com/NeoVuln/CVE/issues/2 https://vuldb.com/?ctiid.295077 https://vuldb.com/?id.295077 https://vuldb.com/?submit.495309

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction Required

HIGH

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

LOW

Availability Impact

LOW

Base Score

LOW

Base Severity

4.7