CVE-2025-14566 | kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464 reg.php USN sql injection

Inserito da Angelo Barbosa | Dic 12, 2025 | CVE

A vulnerability was found in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. It has been rated as critical. The impacted element is an unknown function of the file /Profilers/SProfile/reg.php. Performing manipulation of the argument USN results in sql injection.

This vulnerability is cataloged as CVE-2025-14566. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2025-14566 | kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464 reg.php USN sql injection

Post correlati

CVE-2024-47826 | eLabFTW up to 5.1.4 experiments.php cross site scripting (GHSA-cjww-pr9f-4c4w)

CVE-2025-57781 | Denso Ten Drive Recorder Viewer uncontrolled search path

CVE-2024-2595 | Amssplus AMSS++ 4.31 bookdetail_khet_person.php b_id cross site scripting

CVE-2024-20319 | Cisco IOS XR SNMP Management access control (cisco-sa-snmp-uhv6ZDeF)