CVE-2025-50867 Information

Description

A SQL Injection vulnerability exists in the takeassessment2.php endpoint of the CloudClassroom-PHP-Project 1.0 where the Q5 POST parameter is directly embedded in SQL statements without sanitization.

Reference

https://github.com/SacX-7/CVE-2025-50867

Related CNNVD

CNNVD-202507-3929 (Published: 2025-07-31)