CVE-2025-14967

A vulnerability was identified in itsourcecode Student Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /candidates_report.php. The manipulation of the argument school_year leads to sql injection. The attack can be initiated remotely. The exploit is publi...

high 7.3 CVSS 3.1
Published: Dec 19, 2025
Modified: Dec 24, 2025
Vendor: Angeljudesuarez
Product: Student Management System
Versions: 1.0

Description

A vulnerability was identified in itsourcecode Student Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /candidates_report.php. The manipulation of the argument school_year leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be used.

References

Related CVEs

CVE-2025-15168 high · 7.3
A vulnerability was identified in itsourcecode Student Management System 1.0. Affected is an unknown function of the file /statistical.php. Such manipulation of the argument ID lea
CVE-2025-66947 medium · 6.5
SQL injection vulnerability in krishanmuraiji SMS v.1.0, within the /studentms/admin/edit-class-detail.php via the editid GET parameter. An attacker can trigger controlled delays u
CVE-2025-15078 high · 7.3
A vulnerability was detected in itsourcecode Student Management System 1.0. The impacted element is an unknown function of the file /list_report.php. The manipulation of the argume
CVE-2025-15077 high · 7.3
A security vulnerability has been detected in itsourcecode Student Management System 1.0. The affected element is an unknown function of the file /form137.php. The manipulation of
CVE-2025-15075 high · 7.3
A security flaw has been discovered in itsourcecode Student Management System 1.0. This issue affects some unknown processing of the file /student_p.php. Performing manipulation of
CVE-2025-15034 high · 7.3
A security flaw has been discovered in itsourcecode Student Management System 1.0. This affects an unknown part of the file /record.php. The manipulation of the argument ID results