Vulnerability Details CVE-2025-51567
A SQL Injection was found in the /exam/user/profile.php page of kashipara Online Exam System V1.0, which allows remote attackers to execute arbitrary SQL command to get unauthorized database access via the rname, rcollage, rnumber, rgender and rpassword parameters in a POST HTTP request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 15.1%
CVSS Severity
CVSS v3 Score 9.1
Products affected by CVE-2025-51567
-
cpe:2.3:a:jayesh:online_exam_system:1.0