Skip to content

Commit 0dbc518

Browse files
advisory-database[bot]advisory-database[bot]
committed
1 parent f429acc commit 0dbc518

File tree

1 file changed

+31
-6
lines changed

1 file changed

+31
-6
lines changed

advisories/unreviewed/2025/11/GHSA-xmh7-35v2-fp6h/GHSA-xmh7-35v2-fp6h.json renamed to advisories/github-reviewed/2025/11/GHSA-xmh7-35v2-fp6h/GHSA-xmh7-35v2-fp6h.json

Lines changed: 31 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,11 +1,12 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-xmh7-35v2-fp6h",
4-
"modified": "2025-11-30T09:30:18Z",
4+
"modified": "2025-12-12T16:52:27Z",
55
"published": "2025-11-30T09:30:18Z",
66
"aliases": [
77
"CVE-2025-13785"
88
],
9+
"summary": "Skuul School Management System has a Sensitive Data Exposure Vulnerability in Uploaded Images",
910
"details": "A security vulnerability has been detected in yungifez Skuul School Management System up to 2.6.5. This issue affects some unknown processing of the file /user/profile of the component Image Handler. Such manipulation leads to information disclosure. The attack may be performed from remote. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
1011
"severity": [
1112
{
@@ -14,10 +15,30 @@
1415
},
1516
{
1617
"type": "CVSS_V4",
17-
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
18+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P"
19+
}
20+
],
21+
"affected": [
22+
{
23+
"package": {
24+
"ecosystem": "Packagist",
25+
"name": "yungifez/skuul"
26+
},
27+
"ranges": [
28+
{
29+
"type": "ECOSYSTEM",
30+
"events": [
31+
{
32+
"introduced": "0"
33+
},
34+
{
35+
"last_affected": "2.6.4"
36+
}
37+
]
38+
}
39+
]
1840
}
1941
],
20-
"affected": [],
2142
"references": [
2243
{
2344
"type": "ADVISORY",
@@ -27,6 +48,10 @@
2748
"type": "WEB",
2849
"url": "https://gist.github.com/thezeekhan/02f5255506080849fc732eea07008634"
2950
},
51+
{
52+
"type": "PACKAGE",
53+
"url": "https://github.com/yungifez/skuul"
54+
},
3055
{
3156
"type": "WEB",
3257
"url": "https://vuldb.com/?ctiid.333789"
@@ -44,9 +69,9 @@
4469
"cwe_ids": [
4570
"CWE-200"
4671
],
47-
"severity": "MODERATE",
48-
"github_reviewed": false,
49-
"github_reviewed_at": null,
72+
"severity": "LOW",
73+
"github_reviewed": true,
74+
"github_reviewed_at": "2025-12-12T16:52:27Z",
5075
"nvd_published_at": "2025-11-30T08:15:45Z"
5176
}
5277
}

0 commit comments

Comments
 (0)