CVE-2025-11551 MEDIUM

CVE-2025-11551: code-projects Student Result Manager Database.java sql injection

Vendor Code-Projects

Product Student Result Manager

Weakness CWE-89 · SQLi

Published October 9, 2025

Last update October 9, 2025

View on NVD All CVEs

CVSS base score

5.3/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

What the vulnerability does

Description

A vulnerability was determined in code-projects Student Result Manager 1.0. This affects an unknown function of the file src/students/Database.java. This manipulation of the argument roll/name/gpa causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.

Key dates

Disclosure timeline

October 9, 2025 CVE published

October 9, 2025 Record updated