CVE-2025-3589 MEDIUM

CVE-2025-3589: SourceCodester Music Class Enrollment System manage_class.php sql injection

Vendor Sourcecodester
Product Music Class Enrollment System
Weakness CWE-89 · SQLi
Published April 14, 2025
Last update April 14, 2025
View on NVD All CVEs

CVSS base score

5.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

What the vulnerability does

01Description

A vulnerability, which was classified as critical, was found in SourceCodester Music Class Enrollment System 1.0. Affected is an unknown function of the file /manage_class.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Key dates

02Disclosure timeline

April 14, 2025 CVE published
April 14, 2025 Record updated

Related vulnerabilities

04Related CVE

CVE-2024-7947 SourceCodester Point of Sales and Inventory Management System login.php sql injection CVE-2024-43965 WordPress SendGrid for WordPress plugin <= 1.4 - SQL Injection vulnerability CVE-2025-3353 PHPGurukul Men Salon Management System add-services.php sql injection CVE-2025-3323 godcheese/code-projects Nimrod ViewMenuCategoryRestController.java searchAllByName sql injection CVE-2024-5516 itsourcecode Online Blood Bank Management System massage.php sql injection