漏洞关键信息 漏洞标识 VDB: VDB-332629 CVE: CVE-2025-13289 GCVE: GCVE-100-332629 受影响产品 产品: 1000projects Design & Development of Student Database Management System 1.0 文件: /TeacherLogin/Academics/SubjectDetails.php 漏洞描述 类型: SQL Injection CWE: CWE-89 风险等级: Critical 影响: Manipulation of the argument causes SQL injection 推理: The product constructs all or part of an SQL command using externally-influenced input from an upstream component, without proper neutralization of special elements. 漏洞详情 来源: Advised at github.com CVE名称: CVE-2025-13289 可用性: Public exploit available (proof-of-concept) 攻击技术 MITRE ATT&CK: T1505 其他信息 The exploit can be launched remotely and the exploitation appears to be easy. Technical details are known.