Security Advisory

CVE-2025-51567

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-12 00:00:00

Last updated 2026-01-12 20:06:58

Assigner mitre

State PUBLISHED

Description

A SQL Injection was found in the /exam/user/profile.php page of kashipara Online Exam System V1.0, which allows remote attackers to execute arbitrary SQL command to get unauthorized database access via the rname, rcollage, rnumber, rgender and rpassword parameters in a POST HTTP request.

← Browse all CVEs View on cve.org ↗