ProjectsAndPrograms School Management System /assets/editNotes.php कानस विशेषाधिकार वाढीचे प्रमाण वाढले

एक कमकुवतपणा जो गंभीर म्हणून वर्गीकृत केला आहे, तो ProjectsAndPrograms School Management System जोपर्यंत 6b6fae5426044f89c08d0dd101c7fa71f9042a59 मध्ये आढळून आला आहे. या ठिकाणी परिणाम झाला आहे अज्ञात फंक्शन फाइल /assets/editNotes.php च्या. सॉफ्टवेअरमध्ये कानस या आर्ग्युमेंटचे केलेली छेडछाड विशेषाधिकार वाढीचे प्रमाण वाढले निर्माण करते. समस्या जाहीर करण्यासाठी CWE वापरल्यास CWE-434 येथे नेले जाते. ही कमतरता प्रसिद्ध करण्यात आली होती 12/10/2025. डाउनलोडसाठी सल्ला github.com वर शेअर केला आहे. ही असुरक्षा CVE-2025-11656 म्हणून नोंदवली गेली आहे. दूरवरून हा हल्ला घडवून आणता येतो. तांत्रिक तपशील दिलेले आहेत. यासाठी एक एक्स्प्लॉइट उपलब्ध आहे. शोषण सार्वजनिकपणे जाहीर झाले आहे आणि त्याचा वापर होऊ शकतो. सध्या USD $0-$5k इतका असू शकतो. MITRE ATT&CK प्रकल्प T1608.002 हल्ला तंत्रज्ञान म्हणून घोषित करतो. प्रूफ-ऑफ-कॉन्सेप्ट म्हणून हे घोषित केले गेले आहे. डाउनलोडसाठी शोषण github.com वर उपलब्ध आहे. 0-डे म्हणून त्याची अंदाजे भूमिगत किंमत $0-$5k होती. या उत्पादनात सतत वितरणासाठी रोलिंग रिलीज वापरले जाते. त्यामुळे प्रभावित किंवा अद्ययावत आवृत्त्यांची माहिती उपलब्ध नाही. If you want to get the best quality for vulnerability data then you always have to consider VulDB.

5 बदल · 105 डेटा पॉइंट्स

शेततयार केली
12/10/2025 08:42 AM		अद्ययावत 1/4
13/10/2025 05:28 AM		अद्ययावत 2/4
13/10/2025 05:34 AM		अद्ययावत 3/4
14/10/2025 05:07 PM		अद्ययावत 4/4
16/10/2025 08:51 PM
software_vendorProjectsAndProgramsProjectsAndProgramsProjectsAndProgramsProjectsAndProgramsProjectsAndPrograms
software_nameSchool Management SystemSchool Management SystemSchool Management SystemSchool Management SystemSchool Management System
software_version<=6b6fae5426044f89c08d0dd101c7fa71f9042a59<=6b6fae5426044f89c08d0dd101c7fa71f9042a59<=6b6fae5426044f89c08d0dd101c7fa71f9042a59<=6b6fae5426044f89c08d0dd101c7fa71f9042a59<=6b6fae5426044f89c08d0dd101c7fa71f9042a59
software_rollingrelease11111
software_file/assets/editNotes.php/assets/editNotes.php/assets/editNotes.php/assets/editNotes.php/assets/editNotes.php
software_argumentfilefilefilefilefile
vulnerability_cweCWE-434 (विशेषाधिकार वाढीचे प्रमाण वाढले)CWE-434 (विशेषाधिकार वाढीचे प्रमाण वाढले)CWE-434 (विशेषाधिकार वाढीचे प्रमाण वाढले)CWE-434 (विशेषाधिकार वाढीचे प्रमाण वाढले)CWE-434 (विशेषाधिकार वाढीचे प्रमाण वाढले)
vulnerability_risk22222
cvss3_vuldb_avNNNNN
cvss3_vuldb_acLLLLL
cvss3_vuldb_prNNNNN
cvss3_vuldb_uiNNNNN
cvss3_vuldb_sUUUUU
cvss3_vuldb_cLLLLL
cvss3_vuldb_iLLLLL
cvss3_vuldb_aLLLLL
cvss3_vuldb_ePPPPP
cvss3_vuldb_rcRRRRR
advisory_urlhttps://github.com/qqy-123/cve/issues/1https://github.com/qqy-123/cve/issues/1https://github.com/qqy-123/cve/issues/1https://github.com/qqy-123/cve/issues/1https://github.com/qqy-123/cve/issues/1
exploit_availability11111
exploit_publicity11111
exploit_urlhttps://github.com/qqy-123/cve/issues/1https://github.com/qqy-123/cve/issues/1https://github.com/qqy-123/cve/issues/1https://github.com/qqy-123/cve/issues/1https://github.com/qqy-123/cve/issues/1
source_cveCVE-2025-11656CVE-2025-11656CVE-2025-11656CVE-2025-11656CVE-2025-11656
cna_responsibleVulDBVulDBVulDBVulDBVulDB
software_typeCustomer Relationship Management SystemCustomer Relationship Management SystemCustomer Relationship Management SystemCustomer Relationship Management SystemCustomer Relationship Management System
cvss2_vuldb_avNNNNN
cvss2_vuldb_acLLLLL
cvss2_vuldb_auNNNNN
cvss2_vuldb_ciPPPPP
cvss2_vuldb_iiPPPPP
cvss2_vuldb_aiPPPPP
cvss2_vuldb_ePOCPOCPOCPOCPOC
cvss2_vuldb_rcURURURURUR
cvss4_vuldb_avNNNNN
cvss4_vuldb_acLLLLL
cvss4_vuldb_prNNNNN
cvss4_vuldb_uiNNNNN
cvss4_vuldb_vcLLLLL
cvss4_vuldb_viLLLLL
cvss4_vuldb_vaLLLLL
cvss4_vuldb_ePPPPP
cvss2_vuldb_rlNDNDNDNDND
cvss3_vuldb_rlXXXXX
cvss4_vuldb_atNNNNN
cvss4_vuldb_scNNNNN
cvss4_vuldb_siNNNNN
cvss4_vuldb_saNNNNN
cvss2_vuldb_basescore7.57.57.57.57.5
cvss2_vuldb_tempscore6.46.46.46.46.4
cvss3_vuldb_basescore7.37.37.37.37.3
cvss3_vuldb_tempscore6.66.66.66.66.6
cvss3_meta_basescore7.37.37.37.38.1
cvss3_meta_tempscore6.66.96.96.97.9
cvss4_vuldb_bscore6.96.96.96.96.9
cvss4_vuldb_btscore5.55.55.55.55.5
advisory_date1760220000 (12/10/2025)1760220000 (12/10/2025)1760220000 (12/10/2025)1760220000 (12/10/2025)1760220000 (12/10/2025)
price_0day$0-$5k$0-$5k$0-$5k$0-$5k$0-$5k
cve_nvd_summaryA weakness has been identified in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This affects an unknown function of the file /assets/editNotes.php. Executing manipulation of the argument File can lead to unrestricted upload. The attack can be launched remotely. The exploit has been made available to the public and could be exploited. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.A weakness has been identified in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This affects an unknown function of the file /assets/editNotes.php. Executing manipulation of the argument File can lead to unrestricted upload. The attack can be launched remotely. The exploit has been made available to the public and could be exploited. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.A weakness has been identified in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This affects an unknown function of the file /assets/editNotes.php. Executing manipulation of the argument File can lead to unrestricted upload. The attack can be launched remotely. The exploit has been made available to the public and could be exploited. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.A weakness has been identified in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This affects an unknown function of the file /assets/editNotes.php. Executing manipulation of the argument File can lead to unrestricted upload. The attack can be launched remotely. The exploit has been made available to the public and could be exploited. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.
cvss4_cna_avNNNN
cvss4_cna_acLLLL
cvss4_cna_atNNNN
cvss4_cna_prNNNN
cvss4_cna_uiNNNN
cvss4_cna_vcLLLL
cvss4_cna_viLLLL
cvss4_cna_vaLLLL
cvss4_cna_scNNNN
cvss4_cna_siNNNN
cvss4_cna_saNNNN
cvss4_cna_bscore6.96.96.96.9
cvss3_cna_avNNNN
cvss3_cna_acLLLL
cvss3_cna_prNNNN
cvss3_cna_uiNNNN
cvss3_cna_sUUUU
cvss3_cna_cLLLL
cvss3_cna_iLLLL
cvss3_cna_aLLLL
cvss3_cna_basescore7.37.37.37.3
cvss2_cna_avNNNN
cvss2_cna_acLLLL
cvss2_cna_auNNNN
cvss2_cna_ciPPPP
cvss2_cna_iiPPPP
cvss2_cna_aiPPPP
cvss2_cna_basescore7.57.57.57.5
euvd_idEUVD-2025-33925EUVD-2025-33925EUVD-2025-33925
cnnvd_idCNNVD-202510-1709CNNVD-202510-1709
cnnvd_nameschool-management-system 代码问题漏洞school-management-system 代码问题漏洞
cnnvd_hazardlevel22
cnnvd_create2025-10-142025-10-14
cnnvd_publish2025-10-132025-10-13
cnnvd_update2025-10-142025-10-14
cvss3_nvd_avN
cvss3_nvd_acL
cvss3_nvd_prN
cvss3_nvd_uiN
cvss3_nvd_sU
cvss3_nvd_cH
cvss3_nvd_iH
cvss3_nvd_aH
cvss3_nvd_basescore9.8

मागील बाजूससिंहावलोकनपुढील

Want to stay up to date on a daily basis?

Enable the mail alert feature now!