ГлавнаяУязвимости → CVE-2025-14537
7.3высокая

CVE-2025-14537

Описание

A weakness has been identified in code-projects Class and Exam Timetable Management 1.0. Affected by this issue is some unknown functionality of the file /preview7.php. This manipulation of the argument course_year_section/semester causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited.

Затрагиваемое ПО
Fabian Class and exam timetable management system
CVSS
Балл7.3 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Источники
https://code-projects.org/https://github.com/woshilaiyi/cve/issues/13https://github.com/woshilaiyi/cve/issues/14https://vuldb.com/?ctiid.335876https://vuldb.com/?id.335876https://vuldb.com/?submit.703712https://vuldb.com/?submit.703717