SQL Injection Vulnerability in Bug Library by Yannick Lefebvre
CVE-2025-24728
8.5HIGH
Key Information:
- Vendor
- Yannick Lefebvre
- Status
- Bug Library
- Vendor
- CVE Published:
- 24 January 2025
Summary
An SQL Injection vulnerability exists in Bug Library by Yannick Lefebvre, specifically permitting Blind SQL Injection. This flaw impacts versions from n/a through 2.1.4, posing serious risks to data integrity and application security. It's crucial for users to update to the latest version and implement security measures to mitigate potential exploitation.
Affected Version(s)
Bug Library <= 2.1.4
References
CVSS V3.1
Score:
8.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved
Credit
stealthcopter (Patchstack Alliance)