CVE-2025-3150 - Vulnerability Details

Link	Providers
https://gitee.com/nwtmd5/cve/issues/IBVLYH
https://vuldb.com/?ctiid.303055
https://vuldb.com/?id.303055
https://vuldb.com/?submit.525408

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Type	Values Removed	Values Added
Description		A vulnerability was found in itning Student Homework Management System up to 1.2.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Multiple endpoints might be affected.
Title		itning Student Homework Management System cross-site request forgery
Weaknesses		CWE-352 CWE-862
References		https://gitee.com/nwtmd5/cve/issues/IBVLYH https://vuldb.com/?ctiid.303055 https://vuldb.com/?id.303055 https://vuldb.com/?submit.525408
Metrics		cvssV2_0 `{'score': 5, 'vector': 'AV:N/AC:L/Au:N/C:N/I:P/A:N'}` cvssV3_0 `{'score': 4.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N'}` cvssV3_1 `{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N'}` cvssV4_0 `{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N'}`

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-3150", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2025-04-02T20:48:59.953Z", "datePublished": "2025-04-03T07:31:16.885Z", "dateUpdated": "2025-04-03T13:25:03.621Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-04-03T07:31:16.885Z"}, "title": "itning Student Homework Management System cross-site request forgery", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-352", "lang": "en", "description": "Cross-Site Request Forgery"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-862", "lang": "en", "description": "Missing Authorization"}]}], "affected": [{"vendor": "itning", "product": "Student Homework Management System", "versions": [{"version": "1.2.0", "status": "affected"}, {"version": "1.2.1", "status": "affected"}, {"version": "1.2.2", "status": "affected"}, {"version": "1.2.3", "status": "affected"}, {"version": "1.2.4", "status": "affected"}, {"version": "1.2.5", "status": "affected"}, {"version": "1.2.6", "status": "affected"}, {"version": "1.2.7", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in itning Student Homework Management System up to 1.2.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Multiple endpoints might be affected."}, {"lang": "de", "value": "In itning Student Homework Management System bis 1.2.7 wurde eine problematische Schwachstelle ausgemacht. Es geht um eine nicht n\u00e4her bekannte Funktion. Mittels dem Manipulieren mit unbekannten Daten kann eine cross-site request forgery-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 4.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 5, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "timeline": [{"time": "2025-04-02T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2025-04-02T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2025-04-02T22:54:05.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "TTTlw1024 (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.303055", "name": "VDB-303055 | itning Student Homework Management System cross-site request forgery", "tags": ["vdb-entry"]}, {"url": "https://vuldb.com/?ctiid.303055", "name": "VDB-303055 | CTI Indicators (IOB, IOC)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.525408", "name": "Submit #525408 | itning Student-Homework-Management-System null Cross-Site Request Forgery", "tags": ["third-party-advisory"]}, {"url": "https://gitee.com/nwtmd5/cve/issues/IBVLYH", "tags": ["exploit", "issue-tracking"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-03T13:24:39.927975Z", "id": "CVE-2025-3150", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-03T13:25:03.621Z"}}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

cveId : CVE-2025-3150 (string)

assignerOrgId : 1af790b2-7ee1-4545-860a-a788eba489b5 (string)

state : PUBLISHED (string)

assignerShortName : VulDB (string)

dateReserved : 2025-04-02T20:48:59.953Z (string)

datePublished : 2025-04-03T07:31:16.885Z (string)

dateUpdated : 2025-04-03T13:25:03.621Z (string)

}

containers : { »

cna : { »

providerMetadata : { »

orgId : 1af790b2-7ee1-4545-860a-a788eba489b5 (string)

shortName : VulDB (string)

dateUpdated : 2025-04-03T07:31:16.885Z (string)

}

title : itning Student Homework Management System cross-site request forgery (string)

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

type : CWE (string)

cweId : CWE-352 (string)

lang : en (string)

description : Cross-Site Request Forgery (string)

}

]

}

1 : { »

descriptions : [ »

0 : { »

type : CWE (string)

cweId : CWE-862 (string)

lang : en (string)

description : Missing Authorization (string)

}

]

}

]

affected : [ »

0 : { »

vendor : itning (string)

product : Student Homework Management System (string)

versions : [ »

0 : { »

version : 1.2.0 (string)

status : affected (string)

}

1 : { »

version : 1.2.1 (string)

status : affected (string)

}

2 : { »

version : 1.2.2 (string)

status : affected (string)

}

3 : { »

version : 1.2.3 (string)

status : affected (string)

}

4 : { »

version : 1.2.4 (string)

status : affected (string)

}

5 : { »

version : 1.2.5 (string)

status : affected (string)

}

6 : { »

version : 1.2.6 (string)

status : affected (string)

}

7 : { »

version : 1.2.7 (string)

status : affected (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : A vulnerability was found in itning Student Homework Management System up to 1.2.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Multiple endpoints might be affected. (string)

}

1 : { »

lang : de (string)

value : In itning Student Homework Management System bis 1.2.7 wurde eine problematische Schwachstelle ausgemacht. Es geht um eine nicht näher bekannte Funktion. Mittels dem Manipulieren mit unbekannten Daten kann eine cross-site request forgery-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. (string)

}

]

metrics : [ »

0 : { »

cvssV4_0 : { »

version : 4.0 (string)

baseScore : 5.3 (number)

vectorString : CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N (string)

baseSeverity : MEDIUM (string)

}

1 : { »

cvssV3_1 : { »

version : 3.1 (string)

baseScore : 4.3 (number)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N (string)

baseSeverity : MEDIUM (string)

}

2 : { »

cvssV3_0 : { »

version : 3.0 (string)

baseScore : 4.3 (number)

vectorString : CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N (string)

baseSeverity : MEDIUM (string)

}

3 : { »

cvssV2_0 : { »

version : 2.0 (string)

baseScore : 5 (number)

vectorString : AV:N/AC:L/Au:N/C:N/I:P/A:N (string)

}

]

timeline : [ »

0 : { »

time : 2025-04-02T00:00:00.000Z (string)

lang : en (string)

value : Advisory disclosed (string)

}

1 : { »

time : 2025-04-02T02:00:00.000Z (string)

lang : en (string)

value : VulDB entry created (string)

}

2 : { »

time : 2025-04-02T22:54:05.000Z (string)

lang : en (string)

value : VulDB entry last update (string)

}

]

credits : [ »

0 : { »

lang : en (string)

value : TTTlw1024 (VulDB User) (string)

type : reporter (string)

}

]

references : [ »

0 : { »

url : https://vuldb.com/?id.303055 (string)

name : VDB-303055 | itning Student Homework Management System cross-site request forgery (string)

tags : [ »

0 : vdb-entry (string)

]

}

1 : { »

url : https://vuldb.com/?ctiid.303055 (string)

name : VDB-303055 | CTI Indicators (IOB, IOC) (string)

tags : [ »

0 : signature (string)

1 : permissions-required (string)

]

}

2 : { »

url : https://vuldb.com/?submit.525408 (string)

name : Submit #525408 | itning Student-Homework-Management-System null Cross-Site Request Forgery (string)

tags : [ »

0 : third-party-advisory (string)

]

}

3 : { »

url : https://gitee.com/nwtmd5/cve/issues/IBVLYH (string)

tags : [ »

0 : exploit (string)

1 : issue-tracking (string)

]

}

]

}

adp : [ »

0 : { »

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

timestamp : 2025-04-03T13:24:39.927975Z (string)

id : CVE-2025-3150 (string)

options : [ »

0 : { »

Exploitation : poc (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

role : CISA Coordinator (string)

version : 2.0.3 (string)

}

]

title : CISA ADP Vulnrichment (string)

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2025-04-03T13:25:03.621Z (string)

}

]

}

Show plain JSON

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-3150", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-03T13:24:39.927975Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-03T13:24:49.172Z"}}], "cna": {"title": "itning Student Homework Management System cross-site request forgery", "credits": [{"lang": "en", "type": "reporter", "value": "TTTlw1024 (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 5, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "affected": [{"vendor": "itning", "product": "Student Homework Management System", "versions": [{"status": "affected", "version": "1.2.0"}, {"status": "affected", "version": "1.2.1"}, {"status": "affected", "version": "1.2.2"}, {"status": "affected", "version": "1.2.3"}, {"status": "affected", "version": "1.2.4"}, {"status": "affected", "version": "1.2.5"}, {"status": "affected", "version": "1.2.6"}, {"status": "affected", "version": "1.2.7"}]}], "timeline": [{"lang": "en", "time": "2025-04-02T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2025-04-02T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2025-04-02T22:54:05.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.303055", "name": "VDB-303055 | itning Student Homework Management System cross-site request forgery", "tags": ["vdb-entry"]}, {"url": "https://vuldb.com/?ctiid.303055", "name": "VDB-303055 | CTI Indicators (IOB, IOC)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.525408", "name": "Submit #525408 | itning Student-Homework-Management-System null Cross-Site Request Forgery", "tags": ["third-party-advisory"]}, {"url": "https://gitee.com/nwtmd5/cve/issues/IBVLYH", "tags": ["exploit", "issue-tracking"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in itning Student Homework Management System up to 1.2.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Multiple endpoints might be affected."}, {"lang": "de", "value": "In itning Student Homework Management System bis 1.2.7 wurde eine problematische Schwachstelle ausgemacht. Es geht um eine nicht n\u00e4her bekannte Funktion. Mittels dem Manipulieren mit unbekannten Daten kann eine cross-site request forgery-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-352", "description": "Cross-Site Request Forgery"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "Missing Authorization"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-04-03T07:31:16.885Z"}}}, "cveMetadata": {"cveId": "CVE-2025-3150", "state": "PUBLISHED", "dateUpdated": "2025-04-03T13:25:03.621Z", "dateReserved": "2025-04-02T20:48:59.953Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2025-04-03T07:31:16.885Z", "assignerShortName": "VulDB"}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

containers : { »

adp : [ »

0 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2025-3150 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : poc (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2025-04-03T13:24:39.927975Z (string)

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2025-04-03T13:24:49.172Z (string)

}

]

cna : { »

title : itning Student Homework Management System cross-site request forgery (string)

credits : [ »

0 : { »

lang : en (string)

type : reporter (string)

value : TTTlw1024 (VulDB User) (string)

}

]

metrics : [ »

0 : { »

cvssV4_0 : { »

version : 4.0 (string)

baseScore : 5.3 (number)

baseSeverity : MEDIUM (string)

vectorString : CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N (string)

}

1 : { »

cvssV3_1 : { »

version : 3.1 (string)

baseScore : 4.3 (number)

baseSeverity : MEDIUM (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N (string)

}

2 : { »

cvssV3_0 : { »

version : 3.0 (string)

baseScore : 4.3 (number)

baseSeverity : MEDIUM (string)

vectorString : CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N (string)

}

3 : { »

cvssV2_0 : { »

version : 2.0 (string)

baseScore : 5 (number)

vectorString : AV:N/AC:L/Au:N/C:N/I:P/A:N (string)

}

]

affected : [ »

0 : { »

vendor : itning (string)

product : Student Homework Management System (string)

versions : [ »

0 : { »

status : affected (string)

version : 1.2.0 (string)

}

1 : { »

status : affected (string)

version : 1.2.1 (string)

}

2 : { »

status : affected (string)

version : 1.2.2 (string)

}

3 : { »

status : affected (string)

version : 1.2.3 (string)

}

4 : { »

status : affected (string)

version : 1.2.4 (string)

}

5 : { »

status : affected (string)

version : 1.2.5 (string)

}

6 : { »

status : affected (string)

version : 1.2.6 (string)

}

7 : { »

status : affected (string)

version : 1.2.7 (string)

}

]

}

]

timeline : [ »

0 : { »

lang : en (string)

time : 2025-04-02T00:00:00.000Z (string)

value : Advisory disclosed (string)

}

1 : { »

lang : en (string)

time : 2025-04-02T02:00:00.000Z (string)

value : VulDB entry created (string)

}

2 : { »

lang : en (string)

time : 2025-04-02T22:54:05.000Z (string)

value : VulDB entry last update (string)

}

]

references : [ »

0 : { »

url : https://vuldb.com/?id.303055 (string)

name : VDB-303055 | itning Student Homework Management System cross-site request forgery (string)

tags : [ »

0 : vdb-entry (string)

]

}

1 : { »

url : https://vuldb.com/?ctiid.303055 (string)

name : VDB-303055 | CTI Indicators (IOB, IOC) (string)

tags : [ »

0 : signature (string)

1 : permissions-required (string)

]

}

2 : { »

url : https://vuldb.com/?submit.525408 (string)

name : Submit #525408 | itning Student-Homework-Management-System null Cross-Site Request Forgery (string)

tags : [ »

0 : third-party-advisory (string)

]

}

3 : { »

url : https://gitee.com/nwtmd5/cve/issues/IBVLYH (string)

tags : [ »

0 : exploit (string)

1 : issue-tracking (string)

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : A vulnerability was found in itning Student Homework Management System up to 1.2.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Multiple endpoints might be affected. (string)

}

1 : { »

lang : de (string)

value : In itning Student Homework Management System bis 1.2.7 wurde eine problematische Schwachstelle ausgemacht. Es geht um eine nicht näher bekannte Funktion. Mittels dem Manipulieren mit unbekannten Daten kann eine cross-site request forgery-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

lang : en (string)

type : CWE (string)

cweId : CWE-352 (string)

description : Cross-Site Request Forgery (string)

}

]

}

1 : { »

descriptions : [ »

0 : { »

lang : en (string)

type : CWE (string)

cweId : CWE-862 (string)

description : Missing Authorization (string)

}

]

}

]

providerMetadata : { »

orgId : 1af790b2-7ee1-4545-860a-a788eba489b5 (string)

shortName : VulDB (string)

dateUpdated : 2025-04-03T07:31:16.885Z (string)

}

cveMetadata : { »

cveId : CVE-2025-3150 (string)

state : PUBLISHED (string)

dateUpdated : 2025-04-03T13:25:03.621Z (string)

dateReserved : 2025-04-02T20:48:59.953Z (string)

assignerOrgId : 1af790b2-7ee1-4545-860a-a788eba489b5 (string)

datePublished : 2025-04-03T07:31:16.885Z (string)

assignerShortName : VulDB (string)

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was found in itning Student Homework Management System up to 1.2.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Multiple endpoints might be affected."}, {"lang": "es", "value": "Se encontr\u00f3 una vulnerabilidad en itning Student Homework Management System hasta la versi\u00f3n 1.2.7. Se ha declarado problem\u00e1tica. Esta vulnerabilidad afecta a una funcionalidad desconocida. La manipulaci\u00f3n provoca cross-site request forgery. El ataque puede ejecutarse remotamente. Se ha hecho p\u00fablico el exploit y puede que sea utilizado. M\u00faltiples endpoints podr\u00edan verse afectados."}], "id": "CVE-2025-3150", "lastModified": "2025-04-07T14:18:34.453", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2025-04-03T08:15:16.863", "references": [{"source": "cna@vuldb.com", "url": "https://gitee.com/nwtmd5/cve/issues/IBVLYH"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?ctiid.303055"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?id.303055"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?submit.525408"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}, {"lang": "en", "value": "CWE-862"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : A vulnerability was found in itning Student Homework Management System up to 1.2.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Multiple endpoints might be affected. (string)

}

1 : { »

lang : es (string)

value : Se encontró una vulnerabilidad en itning Student Homework Management System hasta la versión 1.2.7. Se ha declarado problemática. Esta vulnerabilidad afecta a una funcionalidad desconocida. La manipulación provoca cross-site request forgery. El ataque puede ejecutarse remotamente. Se ha hecho público el exploit y puede que sea utilizado. Múltiples endpoints podrían verse afectados. (string)

}

]

id : CVE-2025-3150 (string)

lastModified : 2025-04-07T14:18:34.453 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : NONE (string)

baseScore : 5 (number)

confidentialityImpact : NONE (string)

integrityImpact : PARTIAL (string)

vectorString : AV:N/AC:L/Au:N/C:N/I:P/A:N (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : cna@vuldb.com (string)

type : Secondary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : NONE (string)

baseScore : 4.3 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : NONE (string)

integrityImpact : LOW (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : REQUIRED (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N (string)

version : 3.1 (string)

}

exploitabilityScore : 2.8 (number)

impactScore : 1.4 (number)

source : cna@vuldb.com (string)

type : Primary (string)

}

]

cvssMetricV40 : [ »

0 : { »

cvssData : { »

Automatable : NOT_DEFINED (string)

Recovery : NOT_DEFINED (string)

Safety : NOT_DEFINED (string)

attackComplexity : LOW (string)

attackRequirements : NONE (string)

attackVector : NETWORK (string)

availabilityRequirement : NOT_DEFINED (string)

baseScore : 5.3 (number)

baseSeverity : MEDIUM (string)

confidentialityRequirement : NOT_DEFINED (string)

exploitMaturity : NOT_DEFINED (string)

integrityRequirement : NOT_DEFINED (string)

modifiedAttackComplexity : NOT_DEFINED (string)

modifiedAttackRequirements : NOT_DEFINED (string)

modifiedAttackVector : NOT_DEFINED (string)

modifiedPrivilegesRequired : NOT_DEFINED (string)

modifiedSubAvailabilityImpact : NOT_DEFINED (string)

modifiedSubConfidentialityImpact : NOT_DEFINED (string)

modifiedSubIntegrityImpact : NOT_DEFINED (string)

modifiedUserInteraction : NOT_DEFINED (string)

modifiedVulnAvailabilityImpact : NOT_DEFINED (string)

modifiedVulnConfidentialityImpact : NOT_DEFINED (string)

modifiedVulnIntegrityImpact : NOT_DEFINED (string)

privilegesRequired : NONE (string)

providerUrgency : NOT_DEFINED (string)

subAvailabilityImpact : NONE (string)

subConfidentialityImpact : NONE (string)

subIntegrityImpact : NONE (string)

userInteraction : PASSIVE (string)

valueDensity : NOT_DEFINED (string)

vectorString : CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X (string)

version : 4.0 (string)

vulnAvailabilityImpact : NONE (string)

vulnConfidentialityImpact : NONE (string)

vulnIntegrityImpact : LOW (string)

vulnerabilityResponseEffort : NOT_DEFINED (string)

}

source : cna@vuldb.com (string)

type : Secondary (string)

}

]

}

published : 2025-04-03T08:15:16.863 (string)

references : [ »

0 : { »

source : cna@vuldb.com (string)

url : https://gitee.com/nwtmd5/cve/issues/IBVLYH (string)

}

1 : { »

source : cna@vuldb.com (string)

url : https://vuldb.com/?ctiid.303055 (string)

}

2 : { »

source : cna@vuldb.com (string)

url : https://vuldb.com/?id.303055 (string)

}

3 : { »

source : cna@vuldb.com (string)

url : https://vuldb.com/?submit.525408 (string)

}

]

sourceIdentifier : cna@vuldb.com (string)

vulnStatus : Awaiting Analysis (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-352 (string)

}

1 : { »

lang : en (string)

value : CWE-862 (string)

}

]

source : cna@vuldb.com (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction Passive

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction Required

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Exploitation poc

Automatable no

Technical Impact partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction Passive

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction Required

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Exploitation poc

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object