CVE-2025-4331

Опубликовано: 06 мая 2025

Источник: nvd

CVSS3: 7.3

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

A vulnerability classified as critical was found in SourceCodester Online Student Clearance System 1.0. This vulnerability affects unknown code of the file /Admin/login.php. The manipulation of the argument id/username/password leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Ссылки

https://github.com/cybersharmaji/Online-Student-Clearance-System/blob/main/sql_injection_time.md
Exploit
Third Party Advisory
https://vuldb.com/?ctiid.307432
Permissions Required
VDB Entry
https://vuldb.com/?id.307432
Third Party Advisory
VDB Entry
https://vuldb.com/?submit.564329
Third Party Advisory
VDB Entry
https://www.sourcecodester.com/
Exploit
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:senior-walter:online_student_clearance_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 13%

0.00042

Низкий

7.3 High

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-74

CWE-89

Связанные уязвимости

GHSA-rmcv-f79g-83q3

CVSS3: 7.3

github

9 месяцев назад

A vulnerability classified as critical was found in SourceCodester Online Student Clearance System 1.0. This vulnerability affects unknown code of the file /Admin/login.php. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

EPSS

Процентиль: 13%

0.00042

Низкий

7.3 High

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-74

CWE-89