HIGH🇵🇱 Wersja polska

CVE-2025-45542

CVSS 7.3v3.1pub. 2025-06-02upd. 2025-06-13

SQL injection vulnerability in the registrationform endpoint of CloudClassroom-PHP-Project v1.0. The pass parameter is vulnerable due to improper input validation, allowing attackers to inject SQL queries.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
  • Vishalmathur Cloudclassroom PHP Project

    APP
    Vishalmathur
    1.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
SQLi
CWE
References

Related vulnerabilities

CVE-2025-46179CRITICAL9.8PL ✓ten sam produkt

SQL Injection w CloudClassroom-PHP — plik askquery.php

CVE-2025-26198CRITICAL9.8PL ✓ten sam produkt

SQL Injection w CloudClassroom-PHP — ominięcie uwierzytelnienia admina

CVE-2025-26199CRITICAL9.8PL ✓ten sam produkt

Nieszyfrowana transmisja danych logowania w CloudClassroom-PHP-Project

CVE-2024-57459HIGH7.3ten sam produkt

A time-based SQL injection vulnerability exists in mydetailsstudent.php in the CloudClassroom PHP Project 1.0....

CVE-2025-44608MEDIUM6.5ten sam produkt

CloudClassroom-PHP Project v1.0 was discovered to contain a SQL injection vulnerability via the viewid paramet...