CVE-2025-13785 | yungifez Skuul School Management System up to 2.6.5 Image /user/profile information disclosure

Inserito da Angelo Barbosa | Nov 29, 2025 | CVE

A vulnerability classified as problematic was found in yungifez Skuul School Management System up to 2.6.5. This issue affects some unknown processing of the file /user/profile of the component Image Handler. Such manipulation leads to information disclosure.

This vulnerability is listed as CVE-2025-13785. The attack may be performed from remote. In addition, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-13785 | yungifez Skuul School Management System up to 2.6.5 Image /user/profile information disclosure

Post correlati

CVE-2025-54525 | Mattermost Confluence Plugin up to 1.4.x Create Channel Subscription Endpoint improper validation of specified type of input

CVE-2024-36615 | FFmpeg 7.0 VP9 Decoder race condition

CVE-2024-47157 | Honor Magic OS up to 8.0.0.135 denial of service

CVE-2024-40089 | Vilo Mesh WiFi System up to 5.16.1.33 Device Name command injection