AttackFeed by Joe Wagner | CVE‑2025‑52187 – Stored XSS in School Management System (PHP/MySQL)  - Full Disclosure

CVE‑2025‑52187 – Stored XSS in School Management System (PHP/MySQL)  – Full Disclosure

Posted on By Joe-W
Alert Feeds

 

Posted by Sanjay Singh on Jul 29

Hello Full Disclosure community,

I’m sharing details of a recently assigned CVE affecting a widely used
open‑source School Management System (PHP/MySQL).

——————————————–
CVE ID: CVE‑2025‑52187
Vulnerability Type: Stored Cross‑Site Scripting (XSS)
Attack Vector: Remote
Discoverer: Sanjay Singh
Vendor Repository:
https://github.com/GetProjectsIdea/Create-School-Management-System-with-PHP-MySQL
Version…
 – Read More  – Full Disclosure 

You may also like

Alert Feeds
Kigen eUICC issue (custom backdoor vs. FW update bug)  – Full Disclosure
August 12, 2025
Alert Feeds
libheif v1.21.0 Null Pointer Dereference in Box_hdlr::get_handler_type  – Full Disclosure
September 8, 2025
Alert Feeds
libheif v1.21.0 Out-of-Bounds Read in FullBox::get_flags  – Full Disclosure
September 8, 2025
Alert Feeds
St. Pölten UAS 20250721-0 | Multiple Vulnerabilities in Helmholz Industrial Router REX100 / mbNET.mini  – Full Disclosure
July 30, 2025
AttackFeed by Joe Wagner
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.