CVE-2025-13468

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-13468

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-13468.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-13468

Published

2025-11-20T15:17:26.627Z

Modified

2026-03-14T15:03:47.168372Z

Severity

8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H CVSS Calculator

Summary

[none]

Details

A weakness has been identified in SourceCodester Alumni Management System 1.0. This issue affects the function deleteforum/deletecareer/deletecomment/deletegallery/deleteevent of the file admin/adminclass.php of the component Delete Handler. Executing manipulation of the argument ID can lead to missing authorization. It is possible to launch the attack remotely. The exploit has been made available to the public and could be exploited.

References

Affected packages

Git /

Affected ranges

Database specific

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "1.0"
            }
        ]
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-13468.json"