PT-2025-47888 · Sourcecodester · Sourcecodester Online Student Clearance System
Casey33
·
Published
2025-11-24
·
Updated
2025-11-24
·
CVE-2025-13586
CVSS v3.1
7.2
High
| Vector | AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
SourceCodester Online Student Clearance System version 1.0
Description
A flaw exists in SourceCodester Online Student Clearance System 1.0 that allows for SQL injection. The issue is located in an unknown function within the
/Admin/changepassword.php file. Manipulation of the txtconfirm password parameter can trigger the SQL injection. The attack can be initiated remotely. An exploit for this issue has been published.Recommendations
Apply a fix for SourceCodester Online Student Clearance System version 1.0.
Exploit
Fix
Special Elements Injection
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Sourcecodester Online Student Clearance System