← back
CVE-2025-11661

ProjectsAndPrograms School Management System missing authentication

CVSS 6.9 MEDIUMEPSS 0.6%CWE-287CWE-306
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.9EPSS 0.6%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
13 Oct 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A vulnerability was found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This affects an unknown part. Performing manipulation results in missing authentication. The attack is possible to be carried out remotely. The exploit has been made public and could be used. This product adopts a rolling release strategy to maintain continuous delivery
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Affected products
ProjectsAndPrograms · School Management System

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/qqy-123/cve/issues/6https://vuldb.com/?ctiid.328078https://vuldb.com/?id.328078https://vuldb.com/?submit.665611