exploitDog

CVE-2025-9689

Опубликовано: 30 авг. 2025

Источник: nvd

CVSS3: 6.3

CVSS3: 8.8

CVSS2: 6.5

EPSS Низкий

Описание

A vulnerability was detected in SourceCodester Advanced School Management System 1.0. The impacted element is an unknown function of the file /index.php/stock/item_select. The manipulation of the argument q results in sql injection. It is possible to launch the attack remotely. The exploit is now public and may be used.

Ссылки

https://github.com/1ithos/CVE/issues/1
Exploit
Issue Tracking
https://vuldb.com/?ctiid.321901
Permissions Required
VDB Entry
https://vuldb.com/?id.321901
Third Party Advisory
VDB Entry
https://vuldb.com/?submit.638609
Third Party Advisory
VDB Entry
https://www.sourcecodester.com/
Product
https://github.com/1ithos/CVE/issues/1
Exploit
Issue Tracking

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:donbermoy:advanced_school_management_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 5%

0.0002

Низкий

6.3 Medium

CVSS3

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-74

EPSS

Процентиль: 5%

0.0002

Низкий

6.3 Medium

CVSS3

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-74