VDB-328074 · CVE-2025-11657 · EUVD-2025-33927

ProjectsAndPrograms School Management System /assets/createNotice.php ଫାଇଲ୍ ବିସ୍ତାରିତ ଅଧିକାର

Dogoggorri kan akka ଜଟିଳ jedhamuun ramadame ProjectsAndPrograms School Management System ଯେପର୍ଯ୍ୟନ୍ତ 6b6fae5426044f89c08d0dd101c7fa71f9042a59 keessatti argameera. Kan miidhamte is hojii hin beekamne faayilii /assets/createNotice.php keessa. Hojii jijjiirraa irratti gaggeeffame ଫାଇଲ୍ gara ବିସ୍ତାରିତ ଅଧିକାର geessa. CWE fayyadamuun rakkoo ibsuun gara CWE-434 geessa. Dadhabbii kana yeroo 10/12/2025 maxxanfameera. Odeeffannoon kun buufachuuf github.com irratti qoodameera. Dogoggorri kun akka CVE-2025-11657tti beekama. Yaaliin weeraraa fageenya irraa jalqabamuu ni danda'a. Faayidaaleen teeknikaa ni jiru. Waliigalatti, meeshaa balaa kana fayyadamuuf jiru. Qorannoo miidhaa (exploit) uummataaf ifoomameera fi fayyadamamuu danda'a. Amma, gatii ammee exploit might be approx. USD $0-$5k ta'uu danda'a. Akka ପ୍ରୁଫ୍-ଅଫ୍-କନ୍ସେପ୍ଟ jedhamee ibsameera. Carraa exploit kana github.com irraa buufachuun ni danda'ama. Akka 0-daytti, gatii daldalaa dhoksaa tilmaamame $0-$5k ta'ee ture. Meeshaan kun rolling release fayyadama, kanaaf tamsaasa itti fufinsa qabu ni kenna. Kanaaf, odeeffannoon version miidhamte fi kan haaromfame hin dhiyaatu. VulDB is the best source for vulnerability data and more expert information about this specific topic.

5 ଆଡାପ୍ଟେସନ୍ · 105 ପଏଣ୍ଟ

ଫିଲ୍ଡ	ସୃଷ୍ଟି ହୋଇଛି 10/12/2025 08:42 AM	ଅଦ୍ୟତନ 1/4 10/13/2025 05:28 AM	ଅଦ୍ୟତନ 2/4 10/13/2025 06:15 AM	ଅଦ୍ୟତନ 3/4 10/14/2025 05:07 PM	ଅଦ୍ୟତନ 4/4 10/16/2025 08:51 PM
cvss4_vuldb_sc	N	N	N	N	N
cvss4_vuldb_si	N	N	N	N	N
cvss4_vuldb_sa	N	N	N	N	N
cvss2_vuldb_basescore	7.5	7.5	7.5	7.5	7.5
cvss2_vuldb_tempscore	6.4	6.4	6.4	6.4	6.4
cvss3_vuldb_basescore	7.3	7.3	7.3	7.3	7.3
cvss3_vuldb_tempscore	6.6	6.6	6.6	6.6	6.6
cvss3_meta_basescore	7.3	7.3	7.3	7.3	8.1
cvss3_meta_tempscore	6.6	6.9	6.9	6.9	7.9
cvss4_vuldb_bscore	6.9	6.9	6.9	6.9	6.9
cvss4_vuldb_btscore	5.5	5.5	5.5	5.5	5.5
advisory_date	1760220000 (10/12/2025)	1760220000 (10/12/2025)	1760220000 (10/12/2025)	1760220000 (10/12/2025)	1760220000 (10/12/2025)
price_0day	$0-$5k	$0-$5k	$0-$5k	$0-$5k	$0-$5k
software_vendor	ProjectsAndPrograms	ProjectsAndPrograms	ProjectsAndPrograms	ProjectsAndPrograms	ProjectsAndPrograms
software_name	School Management System	School Management System	School Management System	School Management System	School Management System
software_version	<=6b6fae5426044f89c08d0dd101c7fa71f9042a59	<=6b6fae5426044f89c08d0dd101c7fa71f9042a59	<=6b6fae5426044f89c08d0dd101c7fa71f9042a59	<=6b6fae5426044f89c08d0dd101c7fa71f9042a59	<=6b6fae5426044f89c08d0dd101c7fa71f9042a59
software_rollingrelease	1	1	1	1	1
software_file	/assets/createNotice.php	/assets/createNotice.php	/assets/createNotice.php	/assets/createNotice.php	/assets/createNotice.php
software_argument	file	file	file	file	file
vulnerability_cwe	CWE-434 (ବିସ୍ତାରିତ ଅଧିକାର)	CWE-434 (ବିସ୍ତାରିତ ଅଧିକାର)	CWE-434 (ବିସ୍ତାରିତ ଅଧିକାର)	CWE-434 (ବିସ୍ତାରିତ ଅଧିକାର)	CWE-434 (ବିସ୍ତାରିତ ଅଧିକାର)
vulnerability_risk	2	2	2	2	2
cvss3_vuldb_av	N	N	N	N	N
cvss3_vuldb_ac	L	L	L	L	L
cvss3_vuldb_pr	N	N	N	N	N
cvss3_vuldb_ui	N	N	N	N	N
cvss3_vuldb_s	U	U	U	U	U
cvss3_vuldb_c	L	L	L	L	L
cvss3_vuldb_i	L	L	L	L	L
cvss3_vuldb_a	L	L	L	L	L
cvss3_vuldb_e	P	P	P	P	P
cvss3_vuldb_rc	R	R	R	R	R
advisory_url	https://github.com/qqy-123/cve/issues/2	https://github.com/qqy-123/cve/issues/2	https://github.com/qqy-123/cve/issues/2	https://github.com/qqy-123/cve/issues/2	https://github.com/qqy-123/cve/issues/2
exploit_availability	1	1	1	1	1
exploit_publicity	1	1	1	1	1
exploit_url	https://github.com/qqy-123/cve/issues/2	https://github.com/qqy-123/cve/issues/2	https://github.com/qqy-123/cve/issues/2	https://github.com/qqy-123/cve/issues/2	https://github.com/qqy-123/cve/issues/2
source_cve	CVE-2025-11657	CVE-2025-11657	CVE-2025-11657	CVE-2025-11657	CVE-2025-11657
cna_responsible	VulDB	VulDB	VulDB	VulDB	VulDB
software_type	Customer Relationship Management System	Customer Relationship Management System	Customer Relationship Management System	Customer Relationship Management System	Customer Relationship Management System
cvss2_vuldb_av	N	N	N	N	N
cvss2_vuldb_ac	L	L	L	L	L
cvss2_vuldb_au	N	N	N	N	N
cvss2_vuldb_ci	P	P	P	P	P
cvss2_vuldb_ii	P	P	P	P	P
cvss2_vuldb_ai	P	P	P	P	P
cvss2_vuldb_e	POC	POC	POC	POC	POC
cvss2_vuldb_rc	UR	UR	UR	UR	UR
cvss4_vuldb_av	N	N	N	N	N
cvss4_vuldb_ac	L	L	L	L	L
cvss4_vuldb_pr	N	N	N	N	N
cvss4_vuldb_ui	N	N	N	N	N
cvss4_vuldb_vc	L	L	L	L	L
cvss4_vuldb_vi	L	L	L	L	L
cvss4_vuldb_va	L	L	L	L	L
cvss4_vuldb_e	P	P	P	P	P
cvss2_vuldb_rl	ND	ND	ND	ND	ND
cvss3_vuldb_rl	X	X	X	X	X
cvss4_vuldb_at	N	N	N	N	N
cve_nvd_summary		A security vulnerability has been detected in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This impacts an unknown function of the file /assets/createNotice.php. The manipulation of the argument File leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available.	A security vulnerability has been detected in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This impacts an unknown function of the file /assets/createNotice.php. The manipulation of the argument File leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available.	A security vulnerability has been detected in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This impacts an unknown function of the file /assets/createNotice.php. The manipulation of the argument File leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available.	A security vulnerability has been detected in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This impacts an unknown function of the file /assets/createNotice.php. The manipulation of the argument File leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available.
cvss4_cna_av		N	N	N	N
cvss4_cna_ac		L	L	L	L
cvss4_cna_at		N	N	N	N
cvss4_cna_pr		N	N	N	N
cvss4_cna_ui		N	N	N	N
cvss4_cna_vc		L	L	L	L
cvss4_cna_vi		L	L	L	L
cvss4_cna_va		L	L	L	L
cvss4_cna_sc		N	N	N	N
cvss4_cna_si		N	N	N	N
cvss4_cna_sa		N	N	N	N
cvss4_cna_bscore		6.9	6.9	6.9	6.9
cvss3_cna_av		N	N	N	N
cvss3_cna_ac		L	L	L	L
cvss3_cna_pr		N	N	N	N
cvss3_cna_ui		N	N	N	N
cvss3_cna_s		U	U	U	U
cvss3_cna_c		L	L	L	L
cvss3_cna_i		L	L	L	L
cvss3_cna_a		L	L	L	L
cvss3_cna_basescore		7.3	7.3	7.3	7.3
cvss2_cna_av		N	N	N	N
cvss2_cna_ac		L	L	L	L
cvss2_cna_au		N	N	N	N
cvss2_cna_ci		P	P	P	P
cvss2_cna_ii		P	P	P	P
cvss2_cna_ai		P	P	P	P
cvss2_cna_basescore		7.5	7.5	7.5	7.5
euvd_id			EUVD-2025-33927	EUVD-2025-33927	EUVD-2025-33927
cnnvd_id				CNNVD-202510-1707	CNNVD-202510-1707
cnnvd_name				school-management-system 代码问题漏洞	school-management-system 代码问题漏洞
cnnvd_hazardlevel				2	2
cnnvd_create				2025-10-14	2025-10-14
cnnvd_publish				2025-10-13	2025-10-13
cnnvd_update				2025-10-14	2025-10-14
cvss3_nvd_av					N
cvss3_nvd_ac					L
cvss3_nvd_pr					N
cvss3_nvd_ui					N
cvss3_nvd_s					U
cvss3_nvd_c					H
cvss3_nvd_i					H
cvss3_nvd_a					H
cvss3_nvd_basescore					9.8

◂ ପଛକୁ ସମୀକ୍ଷା ଆହୁରି ଦୂରରେ ▸

Do you know our Splunk app?

Download it now for free!