Ralph El-khoury (Swiss Post Cybersecurity)

1 exploit Active since Mar 2025
CVE-2025-25952 WRITEUP MEDIUM WORKING POC
Academia Student Information System EagleR 1.0.118 - Authorization Bypass via getStudemtAllDetailsById API
An Insecure Direct Object References (IDOR) in the component /getStudemtAllDetailsById?studentId=XX of Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows attackers to access sensitive user information via a crafted API request.
CVSS 6.5