Description
A vulnerability was determined in itsourcecode Student Management System 1.0. Impacted is an unknown function of the file /addrecord.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.
Published: 2025-12-14
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 16 Dec 2025 20:15:00 +0000

Type Values Removed Values Added
First Time appeared Angeljudesuarez
Angeljudesuarez student Management System
CPEs cpe:2.3:a:angeljudesuarez:student_management_system:1.0:*:*:*:*:*:*:*
Vendors & Products Angeljudesuarez
Angeljudesuarez student Management System

Mon, 15 Dec 2025 22:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 15 Dec 2025 14:15:00 +0000

Type Values Removed Values Added
First Time appeared Itsourcecode
Itsourcecode student Management System
Vendors & Products Itsourcecode
Itsourcecode student Management System

Sun, 14 Dec 2025 09:45:00 +0000

Type Values Removed Values Added
Description A vulnerability was determined in itsourcecode Student Management System 1.0. Impacted is an unknown function of the file /addrecord.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.
Title itsourcecode Student Management System addrecord.php sql injection
Weaknesses CWE-74
CWE-89
References
Metrics cvssV2_0

{'score': 7.5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 7.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}

Subscriptions

Angeljudesuarez Student Management System
Itsourcecode Student Management System
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2025-12-15T21:14:41.004Z

Reserved: 2025-12-13T09:45:44.778Z

Link: CVE-2025-14653

cve-icon Vulnrichment

Updated: 2025-12-15T21:14:35.514Z

cve-icon NVD

Status : Analyzed

Published: 2025-12-14T10:15:46.503

Modified: 2025-12-16T20:08:22.857

Link: CVE-2025-14653

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-12-15T14:05:59Z

Weaknesses