SQL Injection Vulnerability in Vehicle Management by Code-Projects
CVE-2025-8409
Key Information:
- Vendor
Code-projects
- Status
- Vendor
- CVE Published:
- 31 July 2025
Badges
What is CVE-2025-8409?
A vulnerability has been identified in the Vehicle Management 1.0 product by Code-Projects, specifically related to the /filter.php file. This weakness allows malicious actors to manipulate arguments, potentially leading to an SQL injection attack that can be executed remotely. The exploit has been made public, increasing the risk of exploitation. It is essential for users of this product to implement appropriate security measures to mitigate this threat.
Affected Version(s)
Vehicle Management 1.0
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V4
Timeline
- 🟡
Public PoC available
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved