CVE-2025-4467

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-4467
A vulnerability was found in SourceCodester Online Student Clearance System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/edit-admin.php. The manipulation of the argument id/txtfullname/txtemail/cmddesignation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

9.8 /10

CVSS v3.0 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://github.com/Colorado-all/cve/blob/main/Online%20Student%20Clearance%20System/SQL-2.md Exploit Third Party Advisory
https://vuldb.com/?ctiid.308086 Permissions Required VDB Entry
https://vuldb.com/?id.308086 Third Party Advisory VDB Entry
https://vuldb.com/?submit.566245 Third Party Advisory VDB Entry
https://www.sourcecodester.com/ Product
Configurations

Configuration 1 (hide)

cpe:2.3:a:senior-walter:online_student_clearance_system:1.0:*:*:*:*:*:*:*
History

15 May 2025, 07:15

Type Values Removed Values Added
CWE CWE-89
CWE-74
Summary A vulnerability was found in SourceCodester Online Student Clearance System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/edit-admin.php. The manipulation of the argument txtfullname/txtemail/cmddesignation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. A vulnerability was found in SourceCodester Online Student Clearance System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/edit-admin.php. The manipulation of the argument id/txtfullname/txtemail/cmddesignation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

14 May 2025, 20:53

Type Values Removed Values Added
CPE cpe:2.3:a:senior-walter:online_student_clearance_system:1.0:*:*:*:*:*:*:*
First Time Senior-walter online Student Clearance System
Senior-walter
CVSS v2 : unknown
v3 : 7.3 		v2 : unknown
v3 : 9.8
References () https://github.com/Colorado-all/cve/blob/main/Online%20Student%20Clearance%20System/SQL-2.md - () https://github.com/Colorado-all/cve/blob/main/Online%20Student%20Clearance%20System/SQL-2.md - Exploit, Third Party Advisory
References () https://vuldb.com/?ctiid.308086 - () https://vuldb.com/?ctiid.308086 - Permissions Required, VDB Entry
References () https://www.sourcecodester.com/ - () https://www.sourcecodester.com/ - Product
References () https://vuldb.com/?submit.566245 - () https://vuldb.com/?submit.566245 - Third Party Advisory, VDB Entry
References () https://vuldb.com/?id.308086 - () https://vuldb.com/?id.308086 - Third Party Advisory, VDB Entry

09 May 2025, 07:16

Type Values Removed Values Added
New CVE
Information

Published : 2025-05-09 07:16

Updated : 2025-05-15 07:15

NVD link : CVE-2025-4467

Mitre link : CVE-2025-4467

JSON object : View

Products Affected

senior-walter

  • online_student_clearance_system
CWE

No CWE.