exploitDog

CVE-2025-9786

Опубликовано: 01 сент. 2025

Источник: nvd

CVSS3: 7.3

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

A vulnerability was found in Campcodes Online Learning Management System 1.0. Affected is an unknown function of the file /teacher_signup.php. Performing manipulation of the argument firstname results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used. Other parameters might be affected as well.

Ссылки

https://github.com/wyyyxxxx1017/CVE/issues/6
Exploit
Issue Tracking
https://vuldb.com/?ctiid.322102
Permissions Required
VDB Entry
https://vuldb.com/?id.322102
Third Party Advisory
VDB Entry
https://vuldb.com/?submit.640996
Third Party Advisory
VDB Entry
https://www.campcodes.com/
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:campcodes:online_learning_management_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 10%

0.00036

Низкий

7.3 High

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-74

EPSS

Процентиль: 10%

0.00036

Низкий

7.3 High

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-74