CVE-2025-51092

Name of the Vulnerable Software and Affected Versions: LogIn-SignUp project by VishnuSivadasVS (affected versions not specified)

Description: The LogIn-SignUp project is susceptible to SQL Injection due to the construction of SQL queries in the DataBase.php file. The logIn() and signUp() functions directly concatenate user input and unvalidated table names into SQL queries, bypassing the use of prepared statements. The existing prepareData() function does not adequately prevent SQL injection as it fails to sanitize the table name.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.