{"cve":{"cve_id":"CVE-2025-10667","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.00483,"epss_percentile":0.37853,"epss_as_of":"2026-06-23","description":"A weakness has been identified in itsourcecode Online Discussion Forum 1.0. Affected by this issue is some unknown functionality of the file /members/compose_msg.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited.","published_at":"2025-09-18T13:02:10.036000Z","last_modified_at":null,"cvss_v3_score":7.3,"cvss_v3_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R","cvss_v3_severity":"HIGH","cvss_v4_score":6.9,"cvss_v4_vector":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P","cvss_v4_severity":"MEDIUM","ssvc_decision":null,"ssvc_exploitation":null,"ssvc_automatable":null,"ssvc_technical_impact":null,"cwes":["CWE-89","CWE-74"],"nvd_references":["https://vuldb.com/?id.324788","https://vuldb.com/?ctiid.324788","https://vuldb.com/?submit.652167","https://github.com/S77code/CVE1/issues/1","https://itsourcecode.com/"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-28T23:25:07.732107Z"},"effective_severity":"MEDIUM","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"N","value_label":"Network"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"N","value_label":"None"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"C","name":"Confidentiality","value":"L","value_label":"Low"},{"metric":"I","name":"Integrity","value":"L","value_label":"Low"},{"metric":"A","name":"Availability","value":"L","value_label":"Low"},{"metric":"E","name":"E","value":"P","value_label":"Physical"},{"metric":"RL","name":"RL","value":"X","value_label":"X"},{"metric":"RC","name":"RC","value":"R","value_label":"Required"}]},"cvss_v4_decoded":{"version":"4.0","metrics":[{"metric":"AV","name":"Attack Vector","value":"N","value_label":"Network"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"AT","name":"Attack Requirements","value":"N","value_label":"None"},{"metric":"PR","name":"Privileges Required","value":"N","value_label":"None"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"VC","name":"Confidentiality (Vulnerable System)","value":"L","value_label":"Low"},{"metric":"VI","name":"Integrity (Vulnerable System)","value":"L","value_label":"Low"},{"metric":"VA","name":"Availability (Vulnerable System)","value":"L","value_label":"Low"},{"metric":"SC","name":"Confidentiality (Subsequent System)","value":"N","value_label":"None"},{"metric":"SI","name":"Integrity (Subsequent System)","value":"N","value_label":"None"},{"metric":"SA","name":"Availability (Subsequent System)","value":"N","value_label":"None"},{"metric":"E","name":"E","value":"P","value_label":"Physical"}]},"affected":[{"vendor_slug":"itsourcecode","vendor_name":"itsourcecode","product_slug":"online-discussion-forum","product_name":"Online Discussion Forum","version_start":"1.0","version_start_inclusive":true,"version_end":"1.0","version_end_inclusive":true,"cpe23_uri":"cve5:itsourcecode:online-discussion-forum:1.0:1.0"}],"exploit_refs":[],"news":[],"references":[{"url":"https://vuldb.com/?id.324788","source_type":"MISC","tags":[]},{"url":"https://vuldb.com/?ctiid.324788","source_type":"MISC","tags":[]},{"url":"https://vuldb.com/?submit.652167","source_type":"MISC","tags":[]},{"url":"https://github.com/S77code/CVE1/issues/1","source_type":"MISC","tags":[]},{"url":"https://itsourcecode.com/","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2025-09-18T13:02:10.036000Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:40:58.804819Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:40:58.804819Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:40:58.804819Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:40:58.804819Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:40:58.804819Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:40:58.804819Z","label":"CVSS score revised","source":"cvelistv5"}]}