CVE-2025-8934

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://1000projects.org/", "name": "https://1000projects.org/", "tags": ["Product"], "refsource": ""}, {"url": "https://github.com/lan041221/cvec/issues/5", "name": "https://github.com/lan041221/cvec/issues/5", "tags": ["Exploit", "Third Party Advisory"], "refsource": ""}, {"url": "https://github.com/lan041221/cvec/issues/5", "name": "https://github.com/lan041221/cvec/issues/5", "tags": ["Exploit", "Third Party Advisory"], "refsource": ""}, {"url": "https://vuldb.com/?ctiid.319896", "name": "VDB-319896 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["Permissions Required"], "refsource": ""}, {"url": "https://vuldb.com/?id.319896", "name": "VDB-319896 | 1000 Projects Sales Management System sales.php cross site scripting", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": ""}, {"url": "https://vuldb.com/?submit.631727", "name": "Submit #631727 | 1000 Projects sales management system for hypermarkets v1.0 Cross Site Scripting", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "A vulnerability has been found in 1000 Projects Sales Management System 1.0. Affected is an unknown function of the file /sales.php. The manipulation of the argument select2112 leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."}]}, "problemtype": {"problemtype_data": [{"description": []}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2025-8934", "ASSIGNER": "cna@vuldb.com"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}}, "publishedDate": "2025-08-14T04:16Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:1000projects:sales_management_system:1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-08-15T22:15Z"}