CVE-2025-0203 | code-projects Student Management System 1.0 /config/DbFunction.php showSubject1 sid sql injection

Posted by Angelo Barbosa | Jan 3, 2025 | CVE

A vulnerability was found in code-projects Student Management System 1.0. It has been declared as critical. This vulnerability affects the function showSubject1 of the file /config/DbFunction.php. The manipulation of the argument sid leads to sql injection.

This vulnerability was named CVE-2025-0203. The attack can be initiated remotely. Furthermore, there is an exploit available.

Other parameters might be affected as well.

CVE-2025-0203 | code-projects Student Management System 1.0 /config/DbFunction.php showSubject1 sid sql injection

Related Posts

CVE-2024-47250 | Apache NimBLE up to 1.7.0 HCI Advertising Report Validation out-of-bounds

CVE-2024-1016 | Solar FTP Server 2.1.1/2.1.2 PASV Command denial of service (ID 176675)

CVE-2024-47191 | oath-toolkit up to 2.6.11 pam_oath.so liboath/usersfile.c oath_authenticate_usersfile symlink (Nessus ID 208203)

CVE-2024-29766 | StreamWeasels Twitch Integration Plugin up to 1.7.5 on WordPress cross site scripting