CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-10597

A vulnerability was determined in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. This vulnerability affects unknown code of the file /Profilers/PriProfile/COUNT2.php. This manipulation of the argument cname causes sql injection. The attack may be initiated remotely. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 8.4%

CVSS Severity

CVSS v3 Score 7.3

CVSS v2 Score 7.5

References

https://github.com/shang-hh/shang/blob/main/sql.txt
https://vuldb.com/?ctiid.324614
https://vuldb.com/?id.324614
https://vuldb.com/?submit.649316
https://github.com/shang-hh/shang/blob/main/sql.txt
https://vuldb.com/?submit.649316

Products affected by CVE-2025-10597

Kidaze » Courseselectionsystem » Version: Any

cpe:2.3:a:kidaze:courseselectionsystem:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-10597

Products

Pricing

Contact Us