CVE-2015-10036 MEDIUM

CVE-2015-10036: kylebebak dronfelipe sql injection

Vendor Kylebebak

Product dronfelipe

Weakness CWE-89 · SQLi

Published January 11, 2023

Last update April 8, 2025

View on NVD All CVEs

CVSS base score

5.5/10

Attack vector Adjacent

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality Low

Integrity Low

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

What the vulnerability does

01Description

A vulnerability was found in kylebebak dronfelipe. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. The patch is named 87405b74fe651892d79d0dff62ed17a7eaef6a60. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217951.

Key dates

02Disclosure timeline

January 11, 2023 CVE published

April 8, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2015-10036

Related vulnerabilities

04Related CVE

CVE-2025-0536 1000 Projects Attendance Tracking Management System edit_action.php sql injection CVE-2025-10595 SourceCodester Online Student File Management System delete_user.php sql injection CVE-2025-0214 TMD Custom Header Menu index.php sql injection CVE-2024-5112 Campcodes Complete Web-Based School Management System student_profile.php sql injection CVE-2025-6883 code-projects Staff Audit System update_index.php sql injection