code-projects Simple Scheduling System addcourse.php sql injection_CVE-2025-11107

6.9 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was found in code-projects Simple Scheduling System 1.0. This issue affects some unknown processing of the file /schedulingsystem/addcourse.php. Performing manipulation of the argument corcode results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used.

Basic Information

ID CVE-2025-11107

Source VulDB

Published Sep 28, 2025 at 14:32

Affected Product

Vendor code-projects

Product Simple Scheduling System

Version 1.0

Affected Versions code-projects Simple Scheduling System 1.0

CWE Classification

CWE-89 CWE-74

References

{
    "lastseen": "",
    "description": "A vulnerability was found in code-projects Simple Scheduling System 1.0. This issue affects some unknown processing of the file /schedulingsystem/addcourse.php. Performing manipulation of the argument corcode results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used.",
    "published": "2025-09-28T14:32:06.045Z",
    "modified": "2025-09-28T14:32:06.045Z",
    "type": "cve",
    "title": "code-projects Simple Scheduling System addcourse.php sql injection",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.326188\nhttps://vuldb.com/?ctiid.326188\nhttps://vuldb.com/?submit.662444\nhttps://github.com/WANGshuyan2025/cve/issues/4\nhttps://code-projects.org/",
    "id": "CVE-2025-11107",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89",
        "CWE-74"
    ],
    "cvelist": null,
    "sourceData": "code-projects Simple Scheduling System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 6.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Simple Scheduling System",
    "version": "1.0",
    "vendor": "code-projects",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}