CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-51092

The LogIn-SignUp project by VishnuSivadasVS is vulnerable to SQL Injection due to unsafe construction of SQL queries in DataBase.php. The functions logIn() and signUp() build queries by directly concatenating user input and unvalidated table names without using prepared statements. While a prepareData() function exists, it is insufficient to prevent SQL injection and does not sanitize the table name.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 13.2%

CVSS Severity

CVSS v3 Score 9.8

References

https://abimelsbk.hashnode.dev/sql-injection-vulnerability-at-login-signup-php-project

Products affected by CVE-2025-51092

Vishnusivadas » Login-Signup » Version: N/A

cpe:2.3:a:vishnusivadas:login-signup:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-51092

Products

Pricing

Contact Us