CVE-2020-25408

MEDIUM

ProjectWorlds College Management System Php 1.0 - Cross-Site Request Forgery

Title source: llm
STIX 2.1

Description

A Cross-Site Request Forgery (CSRF) vulnerability exists in ProjectWorlds College Management System Php 1.0 that allows a remote attacker to modify, delete, or make a new entry of the student, faculty, teacher, subject, scores, location, and article data.

References (2)

Core 2
Core References
Third Party Advisory x_refsource_misc
https://nikhilkumar01.medium.com/cve-2020-25408-97eb7bcc23a6

Scores

CVSS v3 6.5
EPSS 0.0078
EPSS Percentile 51.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Details

CWE
CWE-352
Status published
Products (1)
college_management_system_project/college_management_system 1.0
Published May 24, 2021
Tracked Since Feb 18, 2026