CVE-2025-10483

Sažetak

A flaw has been found in SourceCodester Online Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/save_user.php. This manipulation of the argument firstname causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used. Other parameters might be affected as well.

Reference

https://github.com/qcycop0101-hash/CVE/issues/12
https://vuldb.com/?ctiid.323918
https://vuldb.com/?id.323918
https://vuldb.com/?submit.648597
https://www.sourcecodester.com/
https://github.com/qcycop0101-hash/CVE/issues/12

CVSS

Base:	6.5
Impact:	6.4
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

16-09-2025 - 14:15

Objavljeno

15-09-2025 - 23:15