Cross Site Scripting Vulnerability in School Management System PHP by Sanin S1r3n
CVE-2025-63443

5.4MEDIUM

Key Information:

Vendor

Sanin S1r3n

Status
School Management System PHP
Vendor
CVE Published:
3 November 2025

What is CVE-2025-63443?

The School Management System PHP v1.0 has a Cross Site Scripting (XSS) vulnerability located in the login functionality. An attacker can exploit this through the password parameter in /login.php, potentially leading to unauthorized actions and access to sensitive user data. Proper sanitization of user input and implementation of security measures are essential to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://github.com/sanin-s1r3n/CVE-Research/blob/main/CVE-6

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.