CVE-2025-14967 | itsourcecode Student Management System 1.0 /candidates_report.php school_year sql injection

Inserito da Angelo Barbosa | Dic 19, 2025 | CVE

A vulnerability was found in itsourcecode Student Management System 1.0. It has been classified as critical. Affected by this vulnerability is an unknown functionality of the file /candidates_report.php. The manipulation of the argument school_year leads to sql injection.

This vulnerability is documented as CVE-2025-14967. The attack can be initiated remotely. Additionally, an exploit exists.

CVE-2025-14967 | itsourcecode Student Management System 1.0 /candidates_report.php school_year sql injection

Post correlati

CVE-2023-49744 | Gift Up Plugin 2.21.3 on WordPress consume_post cross-site request forgery

CVE-2023-6250 | BestWebSoft Like & Share Plugin up to 2.73 on WordPress Password Protected Post improper authentication

CVE-2022-49396 | Linux Kernel up to 5.18.2 qcom-qmp devm_reset_control_get_exclusive Privilege Escalation

CVE-2025-0432 | HMS Networks Ewon Flexy 202 cleartext transmission (icsa-25-023-06)