CVE Catalog

CVE-2025-9953

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.35%

27th percentile - higher than 27% of all known CVEs

Summary

A vulnerability in Databank Accreditation Software allows authorization bypass through user-controlled SQL primary key, enabling SQL Injection.

Risk Assessment

Exploitation of this vulnerability may lead to unauthorized access to sensitive data within the system, posing a serious security threat to the organization.

Recommendation

It is recommended to update the Databank Accreditation Software to a version after 2026/04 to mitigate this vulnerability.

Original NVD description (English source)

Authorization Bypass Through User-Controlled SQL Primary Key vulnerability in DATABASE Software Training Consulting Ltd. Databank Accreditation Software allows SQL Injection. This issue affects Databank Accreditation Software: before 2026/04.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS