CVE-2025-11343

📊 6.9 MEDIUM⚡ 0.0%🎯 0 exploits

📅 Published Oct 6, 2025

📋 Status: Analyzed

A security vulnerability has been detected in code-projects Student Crud Operation 3.3. Affected is an unknown function of the file delete.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used.

CVSS v3.1 • [email protected]

🎯 Affected Products & Systems

1 product configurations affected

Filter by type:

Type	Vendor	Product	Version Range	Status	CPE String
📱App	code-projects	crud operation system	≤ 3.3	Vulnerable	cpe:2.3:a:code-projects:crud_operation_system::::::::

📱

code-projects / crud operation system

Application

Vulnerable

Version: ≤ 3.3

CPE:

cpe:2.3:a:code-projects:crud_operation_system:*:*:*:*:*:*:*:*

Metrics

6.9 MEDIUMCVSS v4.0[email protected]

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

🔍 Technical Details

Analysis Status

Analyzed

CVSS Details

6.9 (MEDIUM)v4.0

Source: [email protected]

EPSS Details

0.0% (Minimal)7.9th percentile

Last updated: Oct 31, 2025

Exploitation probability within 30 days

Published Date

Oct 6, 2025 (27 days ago)

Last Modified

Oct 14, 2025 (19 days ago)

Security Weaknesses3

CWE-74CWE-89

References5

NVDgeneralgeneral+2