CVE-2025-3150

MEDIUM

Itning Student-homework-management-system - Missing Authorization

Title source: rule

Description

A vulnerability was found in itning Student Homework Management System up to 1.2.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Multiple endpoints might be affected.

Exploits (1)

gitee

by nwtmd5 · writeup

https://gitee.com/nwtmd5/cve/issues/IBVLYH

References (4)

[Exploit, Issue Tracking] https://gitee.com/nwtmd5/cve/issues/IBVLYH

[Permissions Required, VDB Entry] https://vuldb.com/?ctiid.303055

[Third Party Advisory, VDB Entry] https://vuldb.com/?id.303055

[Third Party Advisory, VDB Entry] https://vuldb.com/?submit.525408

Scores

CVSS v3 4.3

EPSS 0.0016

EPSS Percentile 36.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Details

CWE

CWE-862 CWE-352

Status published

Products (1)

itning/student-homework-management-system < 1.2.7

Published Apr 03, 2025

Tracked Since Feb 18, 2026