CVE-2025-25951

Published: Mar 3, 2025Modified: Dec 12, 2025

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

An information disclosure vulnerability in the component /rest/cb/executeBasicSearch of Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows attackers to access sensitive user information.

Affected (1)

Products: Serosoft: Academia Student Information System

Serosoft

1 product

Academia Student Information System

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Serosoft Academia Student Information System	Version eagler-1.0.118

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (3)

https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2024-89638

Source: cve@mitre.org

Broken LinkNot Applicable

https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2025-25951

Source: cve@mitre.org

Third Party Advisory

https://github.com/el-viper/cve-research/tree/main/CVEs/CVE-2025-25951

Source: cve@mitre.org

Timeline

No history available yet.