CVE-2025-1173

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Feb 11, 2025

Updated: Feb 28, 2025

CWE ID 74

CWE ID 89

Summary

CVE-2025-1173 is a critical vulnerability identified in the 1000 Projects Bookstore Management System 1.0. The issue lies within the process_users_del.php file, where an argument named id can be manipulated. This manipulation enables attackers to inject SQL code, potentially gaining unauthorized access to sensitive data or even taking control of the system. Remotely initiating such an attack is a concerning possibility.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/3IywaK
https://www.cve.org/CVERecord?id=CVE-2025-1173
https://nvd.nist.gov/vuln/detail/CVE-2025-1173

Back to Vulnerability Database

CVE-2025-1173

CVSS 3.1 Score 7.2 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations