CVE-2025-12327

Name of the Vulnerable Software and Affected Versions shawon100 RUET OJ versions up to 18fa45b0a669fa1098a0b8fc629cf6856369d9a5

Description A flaw exists in shawon100 RUET OJ that allows for SQL injection through manipulation of the ID argument when processing the /description.php file. This issue can be exploited remotely. The exploit is publicly available. The product employs a rolling release model, making specific version details for fixes unavailable. The vendor was notified but did not respond.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.