Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-45542

SQL injection vulnerability in the registrationform endpoint of CloudClassroom-PHP-Project v1.0. The pass parameter is vulnerable due to improper input validation, allowing attackers to inject SQL queries.

Published

2025-06-02T16:15:29.707

Last Modified

2025-06-13T17:45:40.463

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.3 (HIGH)

Weaknesses

Type: Secondary
CWE-89

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	vishalmathur	cloudclassroom-php_project	1.0	Yes

References

https://github.com/mathurvishal/CloudClassroom-PHP-Project Product ([email protected])
https://medium.com/@sanjay70023/cve-2025-45542-time-based-blind-sql-injection-in-cloudclassroom-php-project-v1-0-1fa0efc8a94a Exploit, Third Party Advisory ([email protected])
http://seclists.org/fulldisclosure/2025/Jun/12 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)