{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-1163", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2025-02-10T08:08:42.956Z", "datePublished": "2025-02-10T23:31:04.336Z", "dateUpdated": "2025-02-11T16:06:32.583Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-02-10T23:31:04.336Z"}, "title": "code-projects Vehicle Parking Management System Authentication login stack-based overflow", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-121", "lang": "en", "description": "Stack-based Buffer Overflow"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-119", "lang": "en", "description": "Memory Corruption"}]}], "affected": [{"vendor": "code-projects", "product": "Vehicle Parking Management System", "versions": [{"version": "1.0", "status": "affected"}], "modules": ["Authentication"]}], "descriptions": [{"lang": "en", "value": "A vulnerability classified as critical was found in code-projects Vehicle Parking Management System 1.0. This vulnerability affects the function login of the component Authentication. The manipulation of the argument username leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used."}, {"lang": "de", "value": "In code-projects Vehicle Parking Management System 1.0 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Das betrifft die Funktion login der Komponente Authentication. Mit der Manipulation des Arguments username mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4.8, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P"}}], "timeline": [{"time": "2025-02-10T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2025-02-10T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2025-02-10T13:37:03.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "j0hn.FFFFF (VulDB User)", "type": "reporter"}, {"lang": "en", "value": "j0hn.FFFFF (VulDB User)", "type": "analyst"}], "references": [{"url": "https://vuldb.com/?id.295066", "name": "VDB-295066 | code-projects Vehicle Parking Management System Authentication login stack-based overflow", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.295066", "name": "VDB-295066 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.494008", "name": "Submit #494008 | c vehicle-parking-management-system-c-programming v1.0 Stack-based Buffer Overflow", "tags": ["third-party-advisory"]}, {"url": "https://github.com/J0hnFFFF/j0hn_upload_three/blob/main/binary1.pdf", "tags": ["exploit"]}, {"url": "https://code-projects.org/", "tags": ["product"]}]}, "adp": [{"references": [{"url": "https://github.com/J0hnFFFF/j0hn_upload_three/blob/main/binary1.pdf", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-02-11T16:04:57.998135Z", "id": "CVE-2025-1163", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-11T16:06:32.583Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-1163", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-02-11T16:04:57.998135Z"}}}], "references": [{"url": "https://github.com/J0hnFFFF/j0hn_upload_three/blob/main/binary1.pdf", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-11T16:05:10.500Z"}}], "cna": {"title": "code-projects Vehicle Parking Management System Authentication login stack-based overflow", "credits": [{"lang": "en", "type": "reporter", "value": "j0hn.FFFFF (VulDB User)"}, {"lang": "en", "type": "analyst", "value": "j0hn.FFFFF (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P"}}], "affected": [{"vendor": "code-projects", "modules": ["Authentication"], "product": "Vehicle Parking Management System", "versions": [{"status": "affected", "version": "1.0"}]}], "timeline": [{"lang": "en", "time": "2025-02-10T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2025-02-10T01:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2025-02-10T13:37:03.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.295066", "name": "VDB-295066 | code-projects Vehicle Parking Management System Authentication login stack-based overflow", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.295066", "name": "VDB-295066 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.494008", "name": "Submit #494008 | c vehicle-parking-management-system-c-programming v1.0 Stack-based Buffer Overflow", "tags": ["third-party-advisory"]}, {"url": "https://github.com/J0hnFFFF/j0hn_upload_three/blob/main/binary1.pdf", "tags": ["exploit"]}, {"url": "https://code-projects.org/", "tags": ["product"]}], "descriptions": [{"lang": "en", "value": "A vulnerability classified as critical was found in code-projects Vehicle Parking Management System 1.0. This vulnerability affects the function login of the component Authentication. The manipulation of the argument username leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used."}, {"lang": "de", "value": "In code-projects Vehicle Parking Management System 1.0 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Das betrifft die Funktion login der Komponente Authentication. Mit der Manipulation des Arguments username mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-121", "description": "Stack-based Buffer Overflow"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-119", "description": "Memory Corruption"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-02-10T23:31:04.336Z"}}}, "cveMetadata": {"cveId": "CVE-2025-1163", "state": "PUBLISHED", "dateUpdated": "2025-02-11T16:06:32.583Z", "dateReserved": "2025-02-10T08:08:42.956Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2025-02-10T23:31:04.336Z", "assignerShortName": "VulDB"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability classified as critical was found in code-projects Vehicle Parking Management System 1.0. This vulnerability affects the function login of the component Authentication. The manipulation of the argument username leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used."}], "id": "CVE-2025-1163", "lastModified": "2025-02-11T16:15:49.973", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.1, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.4, "source": "cna@vuldb.com", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "automatable": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "recovery": "NOT_DEFINED", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "subsequentSystemConfidentiality": "NONE", "subsequentSystemIntegrity": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnerabilityResponseEffort": "NOT_DEFINED", "vulnerableSystemAvailability": "LOW", "vulnerableSystemConfidentiality": "LOW", "vulnerableSystemIntegrity": "LOW"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2025-02-11T00:15:29.230", "references": [{"source": "cna@vuldb.com", "url": "https://code-projects.org/"}, {"source": "cna@vuldb.com", "url": "https://github.com/J0hnFFFF/j0hn_upload_three/blob/main/binary1.pdf"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?ctiid.295066"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?id.295066"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?submit.494008"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://github.com/J0hnFFFF/j0hn_upload_three/blob/main/binary1.pdf"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}, {"lang": "en", "value": "CWE-121"}], "source": "cna@vuldb.com", "type": "Secondary"}]}

{}