CVE-2025-50867 | THREATINT

Description

A SQL Injection vulnerability exists in the takeassessment2.php endpoint of the CloudClassroom-PHP-Project 1.0, where the Q5 POST parameter is directly embedded in SQL statements without sanitization.

PUBLISHED Reserved 2025-06-16 | Published 2025-07-31 | Updated 2025-07-31 | Assigner mitre

References

github.com/SacX-7/CVE-2025-50867

cve.org (CVE-2025-50867)

nvd.nist.gov (CVE-2025-50867)

Download JSON