CVE-2025-25952 | Serosoft Academia Student Information System EagleR 1.0.118 API Request getStudemtAllDetailsById?studentId=XX resource injection

Posted by Angelo Barbosa | Mar 3, 2025 | CVE

A vulnerability, which was classified as problematic, was found in Serosoft Academia Student Information System EagleR 1.0.118. This affects an unknown part of the file /getStudemtAllDetailsById?studentId=XX of the component API Request Handler. The manipulation leads to improper control of resource identifiers.

This vulnerability is uniquely identified as CVE-2025-25952. The attack needs to be approached within the local network. There is no exploit available.

CVE-2025-25952 | Serosoft Academia Student Information System EagleR 1.0.118 API Request getStudemtAllDetailsById?studentId=XX resource injection

Related Posts

CVE-2024-35263 | Microsoft Dynamics 365 information disclosure

CVE-2024-49520 | Adobe Substance3D Painter up to 10.1.0 out-of-bounds write (apsb24-86)

CVE-2024-10614 | ivole Customer Reviews for WooCommerce Plugin up to 5.61.0 on WordPress cancel_import authorization

CVE-2024-30880 | RageFrame2 2.6.43 Image Crop cross site scripting (Issue 114)