CVE-2025-11661

A vulnerability was found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This affects an unknown part. Performing manipulation results in missing authentication. The attack is possible to be carried out remotely. The exploit has been made public and could be used. This product adopts a rolling release strategy to maintain continuous delivery
References
Link Resource
https://github.com/qqy-123/cve/issues/6 Exploit Third Party Advisory Issue Tracking Mitigation
https://vuldb.com/?ctiid.328078 Permissions Required VDB Entry
https://vuldb.com/?id.328078 Third Party Advisory VDB Entry
https://vuldb.com/?submit.665611 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:oranbyte:school_management_system:1.0:*:*:*:*:*:*:*

History

17 Oct 2025, 13:51

Type Values Removed Values Added
References () https://github.com/qqy-123/cve/issues/6 - () https://github.com/qqy-123/cve/issues/6 - Exploit, Third Party Advisory, Issue Tracking, Mitigation
References () https://vuldb.com/?ctiid.328078 - () https://vuldb.com/?ctiid.328078 - Permissions Required, VDB Entry
References () https://vuldb.com/?id.328078 - () https://vuldb.com/?id.328078 - Third Party Advisory, VDB Entry
References () https://vuldb.com/?submit.665611 - () https://vuldb.com/?submit.665611 - Third Party Advisory, VDB Entry
First Time Oranbyte
Oranbyte school Management System
CPE cpe:2.3:a:oranbyte:school_management_system:1.0:*:*:*:*:*:*:*

13 Oct 2025, 05:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-10-13 05:15

Updated : 2025-10-17 13:51


NVD link : CVE-2025-11661

Mitre link : CVE-2025-11661

CVE.ORG link : CVE-2025-11661


JSON object : View

Products Affected

oranbyte

  • school_management_system
CWE
CWE-287

Improper Authentication

CWE-306

Missing Authentication for Critical Function