{"cve":{"cve_id":"CVE-2025-14588","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.00333,"epss_percentile":0.24941,"epss_as_of":"2026-06-23","description":"A security flaw has been discovered in itsourcecode Student Management System 1.0. This vulnerability affects unknown code of the file /update_program.php. Performing manipulation of the argument ID results in sql injection. The attack is possible to be carried out remotely. The exploit has been released to the public and may be exploited.","published_at":"2025-12-13T10:02:06.526000Z","last_modified_at":null,"cvss_v3_score":7.3,"cvss_v3_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R","cvss_v3_severity":"HIGH","cvss_v4_score":6.9,"cvss_v4_vector":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P","cvss_v4_severity":"MEDIUM","ssvc_decision":null,"ssvc_exploitation":null,"ssvc_automatable":null,"ssvc_technical_impact":null,"cwes":["CWE-89","CWE-74"],"nvd_references":["https://vuldb.com/?id.336208","https://vuldb.com/?ctiid.336208","https://vuldb.com/?submit.707081","https://github.com/ltranquility/CVE/issues/24","https://itsourcecode.com/"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-28T23:25:26.690405Z"},"effective_severity":"MEDIUM","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"N","value_label":"Network"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"N","value_label":"None"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"C","name":"Confidentiality","value":"L","value_label":"Low"},{"metric":"I","name":"Integrity","value":"L","value_label":"Low"},{"metric":"A","name":"Availability","value":"L","value_label":"Low"},{"metric":"E","name":"E","value":"P","value_label":"Physical"},{"metric":"RL","name":"RL","value":"X","value_label":"X"},{"metric":"RC","name":"RC","value":"R","value_label":"Required"}]},"cvss_v4_decoded":{"version":"4.0","metrics":[{"metric":"AV","name":"Attack Vector","value":"N","value_label":"Network"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"AT","name":"Attack Requirements","value":"N","value_label":"None"},{"metric":"PR","name":"Privileges Required","value":"N","value_label":"None"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"VC","name":"Confidentiality (Vulnerable System)","value":"L","value_label":"Low"},{"metric":"VI","name":"Integrity (Vulnerable System)","value":"L","value_label":"Low"},{"metric":"VA","name":"Availability (Vulnerable System)","value":"L","value_label":"Low"},{"metric":"SC","name":"Confidentiality (Subsequent System)","value":"N","value_label":"None"},{"metric":"SI","name":"Integrity (Subsequent System)","value":"N","value_label":"None"},{"metric":"SA","name":"Availability (Subsequent System)","value":"N","value_label":"None"},{"metric":"E","name":"E","value":"P","value_label":"Physical"}]},"affected":[{"vendor_slug":"itsourcecode","vendor_name":"itsourcecode","product_slug":"student-management-system","product_name":"Student Management System","version_start":"1.0","version_start_inclusive":true,"version_end":"1.0","version_end_inclusive":true,"cpe23_uri":"cve5:itsourcecode:student-management-system:1.0:1.0"}],"exploit_refs":[],"news":[],"references":[{"url":"https://vuldb.com/?id.336208","source_type":"MISC","tags":[]},{"url":"https://vuldb.com/?ctiid.336208","source_type":"MISC","tags":[]},{"url":"https://vuldb.com/?submit.707081","source_type":"MISC","tags":[]},{"url":"https://github.com/ltranquility/CVE/issues/24","source_type":"MISC","tags":[]},{"url":"https://itsourcecode.com/","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2025-12-13T10:02:06.526000Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:41:39.863887Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:41:39.863887Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:41:39.863887Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:41:39.863887Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:41:39.863887Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:41:39.863887Z","label":"CVSS score revised","source":"cvelistv5"}]}