CVE-2025-15353

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-15353

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-15353.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-15353

Published

2025-12-30T20:15:59.430Z

Modified

2026-03-15T22:50:23.671509Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A vulnerability was detected in itsourcecode Society Management System 1.0. Impacted is the function editadminquery of the file /admin/editadminquery.php. Performing manipulation of the argument Username results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may be used.

References

Affected packages

Git /

Affected ranges

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-15353.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "1.0"
            }
        ]
    }
]