High severity7.3NVD Advisory· Published Sep 26, 2025· Updated Apr 29, 2026
CVE-2025-11032
CVE-2025-11032
Description
A flaw has been found in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. This issue affects some unknown processing of the file /Profilers/PriProfile/COUNT3s6.php. Executing manipulation of the argument CPU can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:kidaze:courseselectionsystem:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:kidaze:courseselectionsystem:*:*:*:*:*:*:*:*range: <=2017-06-18
- (no CPE)range: <=42cd892b40a18d50bd4ed1905fa89f939173a464
Patches
Vulnerability mechanics
References
4- github.com/limingserverll-wq/cve/issues/3nvdExploitIssue TrackingThird Party Advisory
- vuldb.comnvdExploitThird Party AdvisoryVDB Entry
- vuldb.comnvdThird Party AdvisoryVDB Entry
- vuldb.comnvdPermissions RequiredVDB Entry
News mentions
0No linked articles in our index yet.