关键漏洞信息 CVE Identifier: CVE-2025-13264, EUVD-2025-197754, VDB-332599 Summary: - Severity: Critical - Affected Software: SourceCodester Online Magazine Management System 1.0 Vulnerability Details: - Source File: /view_magazine.php - Vulnerable Argument: ID - Type: SQL Injection - CWE: CWE-89 (Improper Neutralization of Special Elements Used in an SQL Command ('SQL Injection')) Impact: - Confidentiality, Integrity, Availability Exploitation: - Ease of Exploit: Easy - Attack Vector: Remote - Public Exploit Availability: Yes - Attack Vectors: Technical details and public proof-of-concept exploit available on GitHub. Can be searched using Google Hacking with the query . Mitigation: - No known countermeasures. Suggested to replace the affected object with an alternative product.