CVE-2025-15205 | code-projects Student File Management System 1.0 /download.php istore_id sql injection

Inserito da Angelo Barbosa | Dic 28, 2025 | CVE

A vulnerability, which was classified as critical, has been found in code-projects Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /download.php. The manipulation of the argument istore_id leads to sql injection.

This vulnerability is documented as CVE-2025-15205. The attack can be initiated remotely. Additionally, an exploit exists.

CVE-2025-15205 | code-projects Student File Management System 1.0 /download.php istore_id sql injection

Post correlati

CVE-2022-49331 | Linux Kernel up to 5.18.3 st21nfca devm_kfree memory leak

CVE-2024-1703 | ZhongBangKeJi CRMEB 5.2.2 openfile absolute path traversal

CVE-2024-25770 | libming 0.4.8 listaction.c memory leak

CVE-2024-7706 | Fujian mwcms 1.0.0 /uploadfile.html uploadimage upfile unrestricted upload