Description
A vulnerability was determined in itsourcecode Student Management System 1.0. This affects an unknown part of the file /new_grade.php. This manipulation of the argument grade causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized.
Published: 2025-12-09
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 16 Dec 2025 20:15:00 +0000

Type Values Removed Values Added
First Time appeared Angeljudesuarez
Angeljudesuarez student Management System
CPEs cpe:2.3:a:angeljudesuarez:student_management_system:1.0:*:*:*:*:*:*:*
Vendors & Products Angeljudesuarez
Angeljudesuarez student Management System

Wed, 10 Dec 2025 18:00:00 +0000

Type Values Removed Values Added
First Time appeared Itsourcecode
Itsourcecode student Management System
Vendors & Products Itsourcecode
Itsourcecode student Management System

Tue, 09 Dec 2025 21:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 09 Dec 2025 19:45:00 +0000

Type Values Removed Values Added
Description A vulnerability was determined in itsourcecode Student Management System 1.0. This affects an unknown part of the file /new_grade.php. This manipulation of the argument grade causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized.
Title itsourcecode Student Management System new_grade.php sql injection
Weaknesses CWE-74
CWE-89
References
Metrics cvssV2_0

{'score': 7.5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 7.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}

Subscriptions

Angeljudesuarez Student Management System
Itsourcecode Student Management System
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2025-12-09T20:35:56.056Z

Reserved: 2025-12-09T13:59:26.468Z

Link: CVE-2025-14337

cve-icon Vulnrichment

Updated: 2025-12-09T20:11:56.725Z

cve-icon NVD

Status : Analyzed

Published: 2025-12-09T20:15:53.773

Modified: 2026-04-29T01:00:01.613

Link: CVE-2025-14337

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-12-10T17:49:07Z

Weaknesses