CVE-2025-3150

Summary

A vulnerability was found in itning Student Homework Management System up to 1.2.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Multiple endpoints might be affected.

Affected Software

VendorProductVersion RangeStatus
itningStudent Homework Management System1.2.0affected
itningStudent Homework Management System1.2.1affected
itningStudent Homework Management System1.2.2affected
itningStudent Homework Management System1.2.3affected
itningStudent Homework Management System1.2.4affected
itningStudent Homework Management System1.2.5affected
itningStudent Homework Management System1.2.6affected
itningStudent Homework Management System1.2.7affected

Weaknesses

  • CWE-352: Cross-Site Request Forgery
  • CWE-862: Missing Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References