Vulnerability Description
A vulnerability was identified in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. Affected is an unknown function of the file /Profilers/PProfile/COUNT3s3.php. The manipulation of the argument csem leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Kidaze | Courseselectionsystem | <= 2017-06-18 |
Related Weaknesses (CWE)
References
- https://github.com/qi-wm/cve/issues/1ExploitIssue TrackingThird Party Advisory
- https://vuldb.com/?ctiid.324786Permissions RequiredVDB Entry
- https://vuldb.com/?id.324786Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.651941Third Party AdvisoryVDB Entry
FAQ
What is CVE-2025-10665?
CVE-2025-10665 is a vulnerability with a CVSS score of 6.3 (MEDIUM). A vulnerability was identified in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. Affected is an unknown function of the file /Profilers/PProfile/COUNT3s3.php. The manipul...
How severe is CVE-2025-10665?
CVE-2025-10665 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-10665?
Check the references section above for vendor advisories and patch information. Affected products include: Kidaze Courseselectionsystem.