CVE-2025-15205

A vulnerability was identified in code-projects Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /download.php. The manipulation of the argument istore_id leads to sql injection. The attack can be initiated remotely. The exploit is publicly a...

medium 6.3 CVSS 3.1

Published: Dec 29, 2025

Modified: Jan 7, 2026

Vendor: Fabian

Product: Student File Management System

Versions: 1.0

Description

A vulnerability was identified in code-projects Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /download.php. The manipulation of the argument istore_id leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be used.

References

Related CVEs

CVSS Breakdown

Version	3.1
Score	6.3 / 10
Severity	medium

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Weakness (CWE)

CWE-74

Affected Product

Vendor	Fabian
Product	Student File Management System
Versions	1.0