CVE-2025-11107
Severity
6.9MEDIUM
EPSS
0.0%
top 91.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedSep 28
Description
A vulnerability was found in code-projects Simple Scheduling System 1.0. This issue affects some unknown processing of the file /schedulingsystem/addcourse.php. Performing manipulation of the argument corcode results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used.
CVSS vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N