itsourcecode Society Management System edit_admin_query.php edit_admin_query sql injection_CVE-2025-15353

6.9 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was detected in itsourcecode Society Management System 1.0. Impacted is the function edit_admin_query of the file /admin/edit_admin_query.php. Performing manipulation of the argument Username results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may be used.

Basic Information

ID CVE-2025-15353

Source VulDB

Published Dec 30, 2025 at 19:32

Modified Dec 30, 2025 at 19:45

Affected Product

Vendor itsourcecode

Product Society Management System

Version 1.0

Affected Versions itsourcecode Society Management System 1.0

CWE Classification

CWE-89 CWE-74

References

{
    "lastseen": "",
    "description": "A vulnerability was detected in itsourcecode Society Management System 1.0. Impacted is the function edit_admin_query of the file /admin/edit_admin_query.php. Performing manipulation of the argument Username results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may be used.",
    "published": "2025-12-30T19:32:07.432Z",
    "modified": "2025-12-30T19:45:12.847Z",
    "type": "cve",
    "title": "itsourcecode Society Management System edit_admin_query.php edit_admin_query sql injection",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.338740\nhttps://vuldb.com/?ctiid.338740\nhttps://vuldb.com/?submit.726280\nhttps://github.com/BUPT2025201/CVE/issues/4\nhttps://itsourcecode.com/",
    "id": "CVE-2025-15353",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89",
        "CWE-74"
    ],
    "cvelist": null,
    "sourceData": "itsourcecode Society Management System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 6.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Society Management System",
    "version": "1.0",
    "vendor": "itsourcecode",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}