CVE-2025-4467

Опубликовано: 09 мая 2025

Источник: nvd

CVSS3: 7.3

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

A vulnerability was found in SourceCodester Online Student Clearance System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/edit-admin.php. The manipulation of the argument id/txtfullname/txtemail/cmddesignation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Ссылки

https://github.com/Colorado-all/cve/blob/main/Online%20Student%20Clearance%20System/SQL-2.md
Exploit
Third Party Advisory
https://vuldb.com/?ctiid.308086
Permissions Required
VDB Entry
https://vuldb.com/?id.308086
Third Party Advisory
VDB Entry
https://vuldb.com/?submit.566245
Third Party Advisory
VDB Entry
https://www.sourcecodester.com/
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:senior-walter:online_student_clearance_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 21%

0.00066

Низкий

7.3 High

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-74

Связанные уязвимости

GHSA-p7xr-gpcg-fvw3

CVSS3: 7.3

github

9 месяцев назад

A vulnerability was found in SourceCodester Online Student Clearance System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/edit-admin.php. The manipulation of the argument txtfullname/txtemail/cmddesignation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

EPSS

Процентиль: 21%

0.00066

Низкий

7.3 High

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-74