CVE-2025-3170 Information

Description

A vulnerability classified as critical has been found in Project Worlds Online Lawyer Management System 1.0. This affects an unknown part of the file /admin_user.php. The manipulation of the argument block_id/unblock_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Reference

https://github.com/p1026/CVE/issues/3 https://github.com/p1026/CVE/issues/3 https://github.com/p1026/CVE/issues/4 https://github.com/p1026/CVE/issues/4 https://vuldb.com/?ctiid.303129 https://vuldb.com/?id.303129 https://vuldb.com/?submit.543271