{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2025-10483","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2025-09-15T14:01:36.436Z","datePublished":"2025-09-15T22:32:07.495Z","dateUpdated":"2025-09-16T13:46:37.342Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2025-09-15T22:32:07.495Z"},"title":"SourceCodester Online Student File Management System save_user.php sql injection","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-89","lang":"en","description":"SQL Injection"}]},{"descriptions":[{"type":"CWE","cweId":"CWE-74","lang":"en","description":"Injection"}]}],"affected":[{"vendor":"SourceCodester","product":"Online Student File Management System","versions":[{"version":"1.0","status":"affected"}]}],"descriptions":[{"lang":"en","value":"A flaw has been found in SourceCodester Online Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/save_user.php. This manipulation of the argument firstname causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used. Other parameters might be affected as well."},{"lang":"de","value":"In SourceCodester Online Student File Management System 1.0 wurde eine Schwachstelle gefunden. Betroffen davon ist ein unbekannter Prozess der Datei /admin/save_user.php. Dank der Manipulation des Arguments firstname mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit ist öffentlich verfügbar und könnte genutzt werden."}],"metrics":[{"cvssV4_0":{"version":"4.0","baseScore":5.3,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P","baseSeverity":"MEDIUM"}},{"cvssV3_1":{"version":"3.1","baseScore":6.3,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R","baseSeverity":"MEDIUM"}},{"cvssV3_0":{"version":"3.0","baseScore":6.3,"vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R","baseSeverity":"MEDIUM"}},{"cvssV2_0":{"version":"2.0","baseScore":6.5,"vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}],"timeline":[{"time":"2025-09-15T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2025-09-15T02:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2025-09-15T16:06:48.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"quchunyi2 (VulDB User)","type":"reporter"}],"references":[{"url":"https://vuldb.com/?id.323918","name":"VDB-323918 | SourceCodester Online Student File Management System save_user.php sql injection","tags":["vdb-entry","technical-description"]},{"url":"https://vuldb.com/?ctiid.323918","name":"VDB-323918 | CTI Indicators (IOB, IOC, TTP, IOA)","tags":["signature","permissions-required"]},{"url":"https://vuldb.com/?submit.648597","name":"Submit #648597 | SourceCodester Online Student File Management System 1.0 SQL Injection","tags":["third-party-advisory"]},{"url":"https://github.com/qcycop0101-hash/CVE/issues/12","tags":["exploit","issue-tracking"]},{"url":"https://www.sourcecodester.com/","tags":["product"]}],"tags":["x_freeware"]},"adp":[{"references":[{"url":"https://github.com/qcycop0101-hash/CVE/issues/12","tags":["exploit"]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-09-16T13:46:24.448641Z","id":"CVE-2025-10483","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-09-16T13:46:37.342Z"}}]}}