CVE-2025-51567 | Kashipara Online Exam System 1.0 HTTP Request /exam/user/profile.php rpassword sql injection

Inserito da Angelo Barbosa | Gen 12, 2026 | CVE

A vulnerability marked as critical has been reported in Kashipara Online Exam System 1.0. Affected by this vulnerability is an unknown functionality of the file /exam/user/profile.php of the component HTTP Request Handler. The manipulation of the argument rpassword leads to sql injection.

This vulnerability is referenced as CVE-2025-51567. Remote exploitation of the attack is possible. No exploit is available.

CVE-2025-51567 | Kashipara Online Exam System 1.0 HTTP Request /exam/user/profile.php rpassword sql injection

Post correlati

CVE-2024-3461 | KioWare up to 8.35 on Windows excessive authentication

CVE-2025-10020 | Zoho ManageEngine ADManager Plus up to 8023 Custom Script command injection

CVE-2025-5186 | thinkgem JeeSite up to 5.11.1 URI Scheme /cms/fileTemplate/form ResourceLoader.getResource Name server-side request forgery

CVE-2024-5557 | Schneider Electric SpaceLogic AS-P/SpaceLogic AS-B up to 5.0.3 SNMP Credentials log file (SEVD-2024-163-04)