CNNVD-202512-3796 Information
CNNVD ID
CNNVD-202512-3796
Related CVE
- CNNVD Published: 2025-12-19
Description (Chinese)
itsourcecode Student Management System是itsourcecode开源的一个学生管理系统。 itsourcecode Student Management System 1.0版本存在SQL注入漏洞,该漏洞源于文件/candidates_report.php中未知功能对参数school_year处理不当,可能导致SQL注入。
Description (English)
Its sourcecodeSystem is an open source student management system. Its sourcecode Standard Management System Version 1.0 contains an injection loophole in SQL, which results from the inappropriate handling of the unknown function to the parameter school year in document/candidates report.php, which may lead to SQL injection.
Hazard Level
Medium
Vulnerability Type
SQL注入
Affected Vendor
itsourcecode
Published
2025-12-19
Last Modified
2026-02-24
References
https://github.com/ltranquility/CVE/issues/28 https://itsourcecode.com/ https://vuldb.com/?ctiid.337602 https://vuldb.com/?id.337602 https://vuldb.com/?submit.718414 https://access.redhat.com/security/cve/cve-2025-14967
Share on: