CVE-2025-65135

Name of the Vulnerable Software and Affected Versions manikandan580 School-management-system version 1.0

Description A time-based blind SQL injection exists in the endpoint '/studentms/admin/between-date-reprtsdetails.php' via the fromdate POST parameter. Time-based blind SQL injection is a technique where an attacker sends database queries that force the system to wait for a specific amount of time before responding, allowing them to infer information based on the response delay.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.