CVE-2025-14951

EUVD-2025-204535
A security vulnerability has been detected in code-projects Scholars Tracking System 1.0. The impacted element is an unknown function of the file /home.php. Such manipulation of the argument post_content leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.
Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
VulDBCNA
7.3 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 5%
Affected Products (NVD)
VendorProductVersion
fabianscholars_tracking_system
1.0
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
code-projectsscholars_tracking_system
1.0
CNA
Common Weakness Enumeration
References
https://code-projects.org/
https://github.com/gx922/CVE/issues/3
https://vuldb.com/?ctiid.337587
https://vuldb.com/?id.337587
https://vuldb.com/?submit.716185
https://github.com/gx922/CVE/issues/3