ГлавнаяУязвимости → CVE-2025-10599
7.3высокая

CVE-2025-10599

Описание

A security flaw has been discovered in itsourcecode Web-Based Internet Laboratory Management System 1.0. Impacted is the function User::AuthenticateUser of the file login.php. Performing manipulation of the argument user_email results in sql injection. Remote exploitation of the attack is possible. The exploit has been released to the public and may be exploited.

Затрагиваемое ПО
Itsourcecode Web-based internet laboratory management system
CVSS
Балл7.3 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Источники
https://github.com/drew-byte/Web-Based-Internet-Laboratory-Management-System_SQLi-PoC/blob/main/README.mdhttps://itsourcecode.com/https://vuldb.com/?ctiid.324616https://vuldb.com/?id.324616https://vuldb.com/?submit.649501