CVE-2025-13289 | 1000projects Design & Development of Student Database Management System SubjectDetails.php sql injection

Inserito da Angelo Barbosa | Nov 17, 2025 | CVE

A vulnerability, which was classified as critical, was found in 1000projects Design & Development of Student Database Management System 1.0. Affected is an unknown function of the file /TeacherLogin/Academics/SubjectDetails.php. The manipulation of the argument SubCode results in sql injection.

This vulnerability was named CVE-2025-13289. The attack may be performed from remote. In addition, an exploit is available.

CVE-2025-13289 | 1000projects Design & Development of Student Database Management System SubjectDetails.php sql injection

Post correlati

CVE-2024-55546 | ORing IAP-420 up to 2.01e cross site scripting

CVE-2024-4168 | Tenda 4G300 1.01.42 sub_4260F0 upfilen stack-based overflow

CVE-2024-53065 | Linux Kernel up to 6.11.7 slab kmalloc state issue (1b47f9febf48/9c9201afebea)

CVE-2025-24416 | Adobe Commerce cross site scripting (apsb25-08)