A flaw has been found in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. This issue affects some unknown processing of the file /Profilers/PriProfile/COUNT3s6.php. Executing manipulation of the argument CPU can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed.
References
| Link | Resource |
|---|---|
| https://github.com/limingserverll-wq/cve/issues/3 | Exploit Issue Tracking Third Party Advisory |
| https://vuldb.com/?ctiid.325979 | Permissions Required VDB Entry |
| https://vuldb.com/?id.325979 | Third Party Advisory VDB Entry |
| https://vuldb.com/?submit.657950 | Third Party Advisory VDB Entry Exploit |
Configurations
History
08 Oct 2025, 20:16
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Kidaze courseselectionsystem
Kidaze |
|
| CPE | cpe:2.3:a:kidaze:courseselectionsystem:*:*:*:*:*:*:*:* | |
| References | () https://github.com/limingserverll-wq/cve/issues/3 - Exploit, Issue Tracking, Third Party Advisory | |
| References | () https://vuldb.com/?ctiid.325979 - Permissions Required, VDB Entry | |
| References | () https://vuldb.com/?id.325979 - Third Party Advisory, VDB Entry | |
| References | () https://vuldb.com/?submit.657950 - Third Party Advisory, VDB Entry, Exploit |
26 Sep 2025, 18:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-09-26 18:15
Updated : 2025-10-08 20:16
NVD link : CVE-2025-11032
Mitre link : CVE-2025-11032
CVE.ORG link : CVE-2025-11032
JSON object : View
Products Affected
kidaze
- courseselectionsystem