PT-2025-41446 · Unknown · Student Result Manager

Lakshay12311

Publicado

2025-10-09

Atualizado

2025-10-20

CVE-2025-11551

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Student Result Manager version 1.0

Description A flaw exists in Student Result Manager version 1.0 that allows for remote execution of SQL injection attacks. The issue stems from manipulating the roll, name, or gpa arguments within the Database.java file. The exploit for this issue has been publicly disclosed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

SQL injection

Special Elements Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-89CWE-74

Identificadores relacionados

CVE-2025-11551

Produtos afetados

Student Result Manager

PT-2025-41446 · Unknown · Student Result Manager

CVE-2025-11551

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 9