Home > Vulnerability Database > CVE-2025-51092

Mend.io Vulnerability Database

CVE-2025-51092

Good to know:

Date: August 21, 2025

The LogIn-SignUp project by VishnuSivadasVS is vulnerable to SQL Injection due to unsafe construction of SQL queries in DataBase.php. The functions logIn() and signUp() build queries by directly concatenating user input and unvalidated table names without using prepared statements. While a prepareData() function exists, it is insufficient to prevent SQL injection and does not sanitize the table name.

Severity Score

9.8

Related Resources (3)

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-51092

Url: https://abimelsbk.hashnode.dev/sql-injection-vulnerability-at-login-signup-php-project

Url: https://www.mend.io/vulnerability-database/CVE-2025-51092

Severity Score

9.8

Weakness Type (CWE)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CWE-89

Top Fix

Upgrade Version

Upgrade to version https://github.com/VishnuSivadasVS/LogIn-SignUp.git - null

CVSS v3.1

Base Score:	9.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2025-51092

Good to know:

Date: August 21, 2025

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?