{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2025-11116","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2025-09-27T17:37:37.693Z","datePublished":"2025-09-28T19:02:05.284Z","dateUpdated":"2025-09-29T12:59:16.839Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2025-09-28T19:02:05.284Z"},"title":"code-projects Simple Scheduling System add.home.php sql injection","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-89","lang":"en","description":"SQL Injection"}]},{"descriptions":[{"type":"CWE","cweId":"CWE-74","lang":"en","description":"Injection"}]}],"affected":[{"vendor":"code-projects","product":"Simple Scheduling System","versions":[{"version":"1.0","status":"affected"}]}],"descriptions":[{"lang":"en","value":"A vulnerability was found in code-projects Simple Scheduling System 1.0. This affects an unknown part of the file /add.home.php. The manipulation of the argument faculty results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used. Other parameters might be affected as well."},{"lang":"de","value":"Es wurde eine Schwachstelle in code-projects Simple Scheduling System 1.0 entdeckt. Das betrifft eine unbekannte Funktionalität der Datei /add.home.php. Die Manipulation des Arguments faculty führt zu sql injection. Der Angriff kann über das Netzwerk angegangen werden. Die Schwachstelle wurde öffentlich offengelegt und könnte ausgenutzt werden."}],"metrics":[{"cvssV4_0":{"version":"4.0","baseScore":6.9,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P","baseSeverity":"MEDIUM"}},{"cvssV3_1":{"version":"3.1","baseScore":7.3,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R","baseSeverity":"HIGH"}},{"cvssV3_0":{"version":"3.0","baseScore":7.3,"vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R","baseSeverity":"HIGH"}},{"cvssV2_0":{"version":"2.0","baseScore":7.5,"vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}],"timeline":[{"time":"2025-09-27T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2025-09-27T02:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2025-09-27T19:42:44.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"Chenzz (VulDB User)","type":"reporter"}],"references":[{"url":"https://vuldb.com/?id.326197","name":"VDB-326197 | code-projects Simple Scheduling System add.home.php sql injection","tags":["vdb-entry","technical-description"]},{"url":"https://vuldb.com/?ctiid.326197","name":"VDB-326197 | CTI Indicators (IOB, IOC, TTP, IOA)","tags":["signature","permissions-required"]},{"url":"https://vuldb.com/?submit.662701","name":"Submit #662701 | code-projects Simple Scheduling System V1.0 SQL Injection","tags":["third-party-advisory"]},{"url":"https://github.com/yihaofuweng/cve/issues/42","tags":["exploit","issue-tracking"]},{"url":"https://code-projects.org/","tags":["product"]}],"tags":["x_freeware"]},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-09-29T12:59:07.441897Z","id":"CVE-2025-11116","options":[{"Exploitation":"poc"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-09-29T12:59:16.839Z"}}]}}