CNNVD-202511-2669 Information

Nov 24, 2025 cve

CNNVD ID

CNNVD-202511-2669

CVE-2025-13586

CNNVD Published: 2025-11-24

Description (Chinese)

SourceCodester Online Student Clearance System是SourceCodester开源的一个在线学生管理系统。 SourceCodester Online Student Clearance System 1.0版本存在SQL注入漏洞，该漏洞源于对文件/Admin/changepassword.php中参数txtconfirm_password的错误操作，可能导致SQL注入。

Description (English)

ServiceCodester Online Clearance System is an online student management system open to ServiceCodester. SourceCodester Online Service System System 1.0 has an injection loophole in SQL, which results from an error in the parameter txtconfirm password in document/Admin/changepassword.php, which may result in SQL injection.

Hazard Level

High

Vulnerability Type

SQL注入

Affected Vendor

SourceCodester

Published

2025-11-24

Last Modified

2026-02-24

References

https://vuldb.com/?id.333350 https://github.com/CaseyW33/CVE/issues/2 https://vuldb.com/?ctiid.333350 https://www.sourcecodester.com/ https://vuldb.com/?submit.700130 https://access.redhat.com/security/cve/cve-2025-13586

Share on: