SourceCodester Advanced School Management System addNotice cross site scripting

5.1 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was detected in SourceCodester Advanced School Management System 1.0. The impacted element is an unknown function of the file /index.php/notice/addNotice. The manipulation of the argument noticeSubject results in cross site scripting. It is possible to launch the attack remotely. The exploit is now public and may be used.

Basic Information

ID CVE-2025-9306

Source VulDB

Published Aug 21, 2025 at 15:32

Affected Product

Vendor SourceCodester

Product Advanced School Management System

Version 1.0

Affected Versions SourceCodester Advanced School Management System 1.0

CWE Classification

CWE-79 CWE-94

References

{
    "lastseen": "",
    "description": "A vulnerability was detected in SourceCodester Advanced School Management System 1.0. The impacted element is an unknown function of the file /index.php/notice/addNotice. The manipulation of the argument noticeSubject results in cross site scripting. It is possible to launch the attack remotely. The exploit is now public and may be used.",
    "published": "2025-08-21T15:32:08.960Z",
    "modified": "2025-08-21T15:32:08.960Z",
    "type": "cve",
    "title": "SourceCodester Advanced School Management System addNotice cross site scripting",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.320911\nhttps://vuldb.com/?ctiid.320911\nhttps://vuldb.com/?submit.632419\nhttps://github.com/lrjbsyh/CVE_Hunter/issues/3\nhttps://github.com/lrjbsyh/CVE_Hunter/issues/3#issue-3313419319\nhttps://www.sourcecodester.com/",
    "id": "CVE-2025-9306",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79",
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "SourceCodester Advanced School Management System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.1,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Advanced School Management System",
    "version": "1.0",
    "vendor": "SourceCodester",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

SourceCodester Advanced School Management System addNotice cross site scripting_CVE-2025-9306