CVE-2025-3150

Published: Apr 3, 2025Modified: Aug 13, 2025

5.3

Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Show more

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less

Source: CNA (Secondary)

Description

A vulnerability was found in itning Student Homework Management System up to 1.2.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Multiple endpoints might be affected.

Affected (1)

Products: Itning: Student Homework Management System

1 product

Student Homework Management System

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Itning Student Homework Management System	Up to 1.2.7

Related CWEs

Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

Missing Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

References (4)

https://gitee.com/nwtmd5/cve/issues/IBVLYH

Source: cna@vuldb.com

ExploitIssue Tracking

https://vuldb.com/?ctiid.303055

Source: cna@vuldb.com

Permissions RequiredVDB Entry

https://vuldb.com/?id.303055

Source: cna@vuldb.com

Third Party AdvisoryVDB Entry

https://vuldb.com/?submit.525408

Source: cna@vuldb.com

Third Party AdvisoryVDB Entry

Timeline

No history available yet.