SQL Injection Vulnerability in Code-Projects Online Farm System
CVE-2025-8331

9.8CRITICAL

Key Information:

Vendor: Code-Projects
Status: Online Farm System
Vendor: CVE Published:; 30 July 2025

🔔 Create Code-Projects Vulnerability Alert

What is CVE-2025-8331?

The Online Farm System from Code-Projects is susceptible to an SQL injection vulnerability due to improper handling of user input in the /forgot_pass.php file. This vulnerability allows attackers to manipulate the email argument, potentially enabling them to execute unauthorized SQL commands. The risk of exploitation is significant as it can be initiated remotely, allowing attackers to access sensitive information from the database. Public disclosure of this exploit amplifies the urgency for affected users to implement security measures immediately.

References

https://code-projects.org/

https://github.com/wllovemy/cve/issues/10

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 30, 2025