CVE-2025-14967

Medium CVSS: 6.9

A vulnerability was identified in itsourcecode Student Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /candidates_report.php. The manipulation of the argument school_year leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be used.

Vendor

Angeljudesuarez

Product

Student Management System

CWE

CWE-74

Yayın Tarihi

2025-12-19 20:15:54

Güncelleme

2025-12-24 15:03:30

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-74 Student Management System MEDIUM Angeljudesuarez 2025

Referanslar

https://github.com/ltranquility/CVE/issues/28 https://itsourcecode.com/ https://vuldb.com/?ctiid.337602 https://vuldb.com/?id.337602 https://vuldb.com/?submit.718414

Benzer Kayıtlar

Medium

CVE-2026-4474

A flaw has been found in itsourcecode University Management System 1.0. Impacted is an unknown function of the file /adm…

Medium

CVE-2026-4223

A vulnerability was identified in itsourcecode Payroll Management System 1.0. This issue affects some unknown processing…

Medium

CVE-2026-3944

A vulnerability was determined in itsourcecode University Management System 1.0. This vulnerability affects unknown code…

Medium

CVE-2026-3812

A vulnerability was determined in itsourcecode Payroll Management System 1.0. Affected is an unknown function of the fil…

Medium

CVE-2026-3767

A weakness has been identified in itsourcecode sanitize or validate this input 1.0. Affected is an unknown function of t…

Medium

CVE-2026-3765

A vulnerability was identified in itsourcecode University Management System 1.0. This affects an unknown function of the…