{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2025-9666","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2025-08-29T07:30:31.893Z","datePublished":"2025-08-29T18:02:09.505Z","dateUpdated":"2025-08-29T18:21:23.697Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2025-08-29T18:02:09.505Z"},"title":"code-projects Simple Grading System Admin Panel delete_student.php sql injection","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-89","lang":"en","description":"SQL Injection"}]},{"descriptions":[{"type":"CWE","cweId":"CWE-74","lang":"en","description":"Injection"}]}],"affected":[{"vendor":"code-projects","product":"Simple Grading System","versions":[{"version":"1.0","status":"affected"}],"modules":["Admin Panel"]}],"descriptions":[{"lang":"en","value":"A security vulnerability has been detected in code-projects Simple Grading System 1.0. Affected by this issue is some unknown functionality of the file /delete_student.php of the component Admin Panel. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used."},{"lang":"de","value":"Es wurde eine Schwachstelle in code-projects Simple Grading System 1.0 entdeckt. Betroffen ist eine unbekannte Funktion der Datei /delete_student.php der Komponente Admin Panel. Die Bearbeitung des Arguments ID verursacht sql injection. Ein Angriff ist aus der Distanz möglich. Der Exploit ist öffentlich verfügbar und könnte genutzt werden."}],"metrics":[{"cvssV4_0":{"version":"4.0","baseScore":5.3,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P","baseSeverity":"MEDIUM"}},{"cvssV3_1":{"version":"3.1","baseScore":6.3,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R","baseSeverity":"MEDIUM"}},{"cvssV3_0":{"version":"3.0","baseScore":6.3,"vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R","baseSeverity":"MEDIUM"}},{"cvssV2_0":{"version":"2.0","baseScore":6.5,"vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}],"timeline":[{"time":"2025-08-29T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2025-08-29T02:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2025-08-29T09:35:45.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"liule (VulDB User)","type":"reporter"}],"references":[{"url":"https://vuldb.com/?id.321873","name":"VDB-321873 | code-projects Simple Grading System Admin Panel delete_student.php sql injection","tags":["vdb-entry","technical-description"]},{"url":"https://vuldb.com/?ctiid.321873","name":"VDB-321873 | CTI Indicators (IOB, IOC, TTP, IOA)","tags":["signature","permissions-required"]},{"url":"https://vuldb.com/?submit.637257","name":"Submit #637257 | https://code-projects.org/ simple-grading-system-in-php-with-source-code 1.0 SQL Injection","tags":["third-party-advisory"]},{"url":"https://www.yuque.com/yuqueyonghuexlgkz/zepczx/uqhw0llf4ry9f2kk?singleDoc","tags":["exploit"]},{"url":"https://code-projects.org/","tags":["product"]}],"tags":["x_freeware"]},"adp":[{"references":[{"url":"https://www.yuque.com/yuqueyonghuexlgkz/zepczx/uqhw0llf4ry9f2kk?singleDoc","tags":["exploit"]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-08-29T18:17:22.061983Z","id":"CVE-2025-9666","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-08-29T18:21:23.697Z"}}]}}