CVE-2025-5214 – Kashipara Responsive Online Learning Platform SQL Injection Vulnerability

CVE ID : CVE-2025-5214

Published : May 27, 2025, 12:15 a.m. | 1 hour, 18 minutes ago

Description : A vulnerability was found in Kashipara Responsive Online Learing Platform 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /courses/course_detail_user_new.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The name of the affected product appears to have a typo in it.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

آسیب‌پذیری‌های جدید و وصله‌های امنیتی به‌صورت مداوم منتشر می‌شوند و عدم بروزرسانی به‌موقع می‌تواند امنیت سرویس‌های حیاتی را به خطر بیندازد. خدمات مدیریت و پشتیبانی سرور آفاق هاستینگ شامل پایش امنیتی، بروزرسانی نرم‌افزارها، نصب Patchهای امنیتی و سخت‌سازی سرورها است.

خدمات مدیریت و امنیت سرور

نوشته های مشابه

CVE-2026-34028 – Unauthenticated direct access to web data in Wertheim SafeController Software exposes files

CVE-2026-5482 – Remote Code Execution via Unrestricted File Upload in Responsive FileManager

CVE-2026-49757 – OAuth2/OIDC account takeover in AshAuthentication via email-based user matching

CVE-2026-34030 – Improper branch-code validation in Wertheim SafeController Software allows file path manipulation