CVE-2025-50867

Medium CVSS: 6.5

A SQL Injection vulnerability exists in the takeassessment2.php endpoint of the CloudClassroom-PHP-Project 1.0, where the Q5 POST parameter is directly embedded in SQL statements without sanitization.

Vendor

Vishalmathur

Product

Cloudclassroom

CWE

CWE-89

Yayın Tarihi

2025-07-31 16:15:31

Güncelleme

2025-08-06 16:33:28

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-89 Cloudclassroom MEDIUM Vishalmathur 2025

Referanslar

https://github.com/SacX-7/CVE-2025-50867

Benzer Kayıtlar

Medium

CVE-2026-2058

A flaw has been found in mathurvishal CloudClassroom-PHP-Project up to 5dadec098bfbbf3300d60c3494db3fb95b66e7be. This im…

Critical

CVE-2025-52410

Institute-of-Current-Students v1.0 contains a time-based blind SQL injection vulnerability in the mydetailsstudent.php e…

Critical

CVE-2025-55444

A SQL injection vulnerability exists in the id2 parameter of the cancel_booking.php page in Online Artwork and Fine Arts…

Medium

CVE-2025-50866

CloudClassroom-PHP-Project 1.0 contains a reflected Cross-site Scripting (XSS) vulnerability in the email parameter of t…

Medium

CVE-2025-44608

CloudClassroom-PHP Project v1.0 was discovered to contain a SQL injection vulnerability via the viewid parameter.

Medium

CVE-2025-51411

A reflected cross-site scripting (XSS) vulnerability exists in Institute-of-Current-Students v1.0 via the email paramete…