CVE-2025-6403

HIGH EXPLOITED NUCLEI

Fabian School Fees Payment System - Injection

Title source: rule

Description

A vulnerability was found in code-projects School Fees Payment System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Nuclei Templates (1)

Code-Projects School Fees Payment System 1.0 - SQL Injection

CRITICALVERIFIEDby hnd3884

References (5)

[Product] https://code-projects.org/

[Exploit, Issue Tracking, Third Party Advisory] https://github.com/tuooo/CVE/issues/16

[Permissions Required, VDB Entry] https://vuldb.com/?ctiid.313397

[Third Party Advisory, VDB Entry] https://vuldb.com/?id.313397

[Third Party Advisory, VDB Entry] https://vuldb.com/?submit.597758

Scores

CVSS v3 7.3

EPSS 0.0124

EPSS Percentile 79.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Details

VulnCheck KEV 2025-11-27

CWE

CWE-74 CWE-89

Status published

Products (1)

fabian/school_fees_payment_system 1.0

Published Jun 21, 2025

Tracked Since Feb 18, 2026