CVE-2025-10797

A vulnerability was determined in code-projects Hostel Management System 1.0. This issue affects some unknown processing of the file /justines/index.php. This manipulation of the argument log_email causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized.
Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.3 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
VulDBCNA
7.3 HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 10%
VendorProductVersion
angeljudesuarezhostel_management_system
1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://code-projects.org/
https://github.com/Waibibabo1239/CVE/issues/1
https://vuldb.com/?ctiid.325154
https://vuldb.com/?id.325154
https://vuldb.com/?submit.654091
https://github.com/Waibibabo1239/CVE/issues/1