CVE-2025-29425

low-risk
Published 2025-03-17

Code-projects Online Class and Exam Scheduling System 1.0 is vulnerable to SQL Injection in exam_save.php via the parameters member and first.

Do I need to act?

-
0.05% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.5/10 Medium
NETWORK / LOW complexity

Affected Products (1)

Online Class And Exam Scheduling System

Affected Vendors

Fabian

References (1)

Exploit https://github.com/872323857/CVE/blob/main/Online%20Class%20and%20Exam%20Schedul...
26
/ 100
low-risk
Severity 21/34 · High
Exploitability 0/34 · Minimal
Exposure 5/34 · Minimal