PT-2025-38756 · Alpes Recherche Et Developpement · Ard Gec En Lign
Published
2025-09-22
·
Updated
2025-09-22
·
CVE-2025-55885
CVSS v3.1
6.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
Alpes Recherche et Developpement ARD GEC en Lign versions prior to 2025-04-23
Description
A SQL Injection issue exists in Alpes Recherche et Developpement ARD GEC en Lign. A remote attacker can potentially escalate privileges by manipulating the GET parameters within the 'index.php' file. The vulnerable parameter is accessed through the
index.php API endpoint.Recommendations
Update Alpes Recherche et Developpement ARD GEC en Lign to version 2025-04-23 or later.
Exploit
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ard Gec En Lign