CVE-2025-9758 MEDIUM

CVE-2025-9758: deepakmisal24 Chemical Inventory Management System inventory_form.php sql injection

Vendor Deepakmisal24
Product Chemical Inventory Management System
Weakness CWE-89 · SQLi
Published September 1, 2025
Last update September 2, 2025
View on NVD All CVEs

CVSS base score

5.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

What the vulnerability does

01Description

A vulnerability was identified in deepakmisal24 Chemical Inventory Management System up to 1.0. Affected by this vulnerability is an unknown functionality of the file /inventory_form.php. Such manipulation of the argument chem_name leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used.

Key dates

02Disclosure timeline

September 1, 2025 CVE published
September 2, 2025 Record updated

Related vulnerabilities

04Related CVE

CVE-2025-15181 code-projects Refugee Food Management System pagenateRefugeesList.php sql injection CVE-2025-10077 SourceCodester Online Polling System registeracc.php sql injection CVE-2022-50594 Advantech iView < v5.7.04 Build 6425 data Parameter SQL Injection Information Disclosure CVE-2023-2214 Campcodes Coffee Shop POS System manage_sale.php sql injection CVE-2026-48837 WordPress Unlimited Elements For Elementor plugin <= 2.0.8 - SQL Injection vulnerability