Skip to main content

Courseselectionsystem

3 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-14566 MEDIUM POC This Month

A security flaw has been discovered in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. The impacted element is an unknown function of the file /Profilers/SProfile/reg.php. Performing a manipulation of the argument USN results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks.

PHP SQLi Courseselectionsystem
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2025-14565 MEDIUM POC This Month

A vulnerability was identified in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. The affected element is an unknown function of the file /Profilers/SProfile/login1.php. Such manipulation of the argument Username leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used.

PHP SQLi Courseselectionsystem
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2025-10597 MEDIUM POC This Month

A vulnerability was determined in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Courseselectionsystem
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2025-14566
EPSS 0% CVSS 5.5
MEDIUM POC This Month

A security flaw has been discovered in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. The impacted element is an unknown function of the file /Profilers/SProfile/reg.php. Performing a manipulation of the argument USN results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks.

PHP SQLi Courseselectionsystem
NVD GitHub VulDB
CVE-2025-14565
EPSS 0% CVSS 5.5
MEDIUM POC This Month

A vulnerability was identified in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. The affected element is an unknown function of the file /Profilers/SProfile/login1.php. Such manipulation of the argument Username leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used.

PHP SQLi Courseselectionsystem
NVD GitHub VulDB
CVE-2025-10597
EPSS 0% CVSS 6.9
MEDIUM POC This Month

A vulnerability was determined in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Courseselectionsystem
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy