CNNVD-202511-875 Information

Nov 09, 2025 cve

CNNVD ID

CNNVD-202511-875

CVE-2025-12918

CNNVD Published: 2025-11-09

Description (Chinese)

Skuul school management system是Marvellous Ifezue个人开发者的一个学校管理系统。 Skuul school management system 2.6.5及之前版本存在安全漏洞，该漏洞源于对文件/dashboard/fees/fee-invoices/中参数invoice_id的错误操作，可能导致资源标识符控制不当。

Description (English)

Skuul school management system is a school management system for Marvellous Ifezue personal developers. There is a security loophole in the Skuul school system 2.6.5 and earlier versions, which stems from the mishandling of the parameter in file/dashboard/fees/fee-invoices/, which may lead to inappropriate control of the resource identifier.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-11-09

Last Modified

2026-02-24

References

https://vuldb.com/?submit.680686 https://vuldb.com/?id.331636 https://gist.github.com/thezeekhan/fbfa9a7dbc0b0b81fd868ee166839041 https://gist.github.com/thezeekhan/fbfa9a7dbc0b0b81fd868ee166839041#steps-to-reproduce https://vuldb.com/?ctiid.331636 https://access.redhat.com/security/cve/cve-2025-12918

Share on: