exploitDog

GHSA-fmqj-pm68-cqq4

Опубликовано: 26 дек. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

SQL injection vulnerability in krishanmuraiji SMS v.1.0, within the /studentms/admin/edit-class-detail.php via the editid GET parameter. An attacker can trigger controlled delays using SQL SLEEP() to infer database contents. Successful exploitation may lead to full database compromise, especially within an administrative module.

SQL injection vulnerability in krishanmuraiji SMS v.1.0, within the /studentms/admin/edit-class-detail.php via the editid GET parameter. An attacker can trigger controlled delays using SQL SLEEP() to infer database contents. Successful exploitation may lead to full database compromise, especially within an administrative module.

Ссылки

EPSS

Процентиль: 10%

0.00036

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2025-66947

CVSS3: 6.5

nvd

около 1 месяца назад

SQL injection vulnerability in krishanmuraiji SMS v.1.0, within the /studentms/admin/edit-class-detail.php via the editid GET parameter. An attacker can trigger controlled delays using SQL SLEEP() to infer database contents. Successful exploitation may lead to full database compromise, especially within an administrative module.

EPSS

Процентиль: 10%

0.00036

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-89