CVE-2025-52410 | THREATINT

Description

Institute-of-Current-Students v1.0 contains a time-based blind SQL injection vulnerability in the mydetailsstudent.php endpoint. The `myds` GET parameter is not adequately sanitized before being used in SQL queries.

PUBLISHED Reserved 2025-06-16 | Published 2025-11-20 | Updated 2025-11-21 | Assigner mitre

References

github.com/...ute-of-Current-Students---PHP-Project/issues/2

cve.org (CVE-2025-52410)

nvd.nist.gov (CVE-2025-52410)

Download JSON