exploitDog

CVE-2025-45956

Опубликовано: 29 апр. 2025

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

A SQL injection vulnerability in manage_damage.php in Sourcecodester Computer Laboratory Management System v1.0 allows an authenticated attacker to execute arbitrary SQL commands via the "id" parameter

Ссылки

https://github.com/lloydik/CLMS-vulnerabilities/blob/main/SQLi-CLMS-PoC.md
Exploit
Third Party Advisory
https://github.com/lloydik/CLMS-vulnerabilities/blob/main/SQLi-CLMS-PoC.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:oretnom23:computer_laboratory_management_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 23%

0.00078

Низкий

8.8 High

CVSS3

Дефекты

CWE-89

Связанные уязвимости

GHSA-3rr5-vgfq-8c8h

CVSS3: 8.8

github

9 месяцев назад

A SQL injection vulnerability in manage_damage.php in Sourcecodester Computer Laboratory Management System v1.0 allows an authenticated attacker to execute arbitrary SQL commands via the "id" parameter

EPSS

Процентиль: 23%

0.00078

Низкий

8.8 High

CVSS3

Дефекты

CWE-89