Description

CloudClassroom-PHP-Project v1.0 is affected by an insecure credential transmission vulnerability. The application transmits passwords over unencrypted HTTP during the login process, exposing sensitive credentials to potential interception by network-based attackers. A remote attacker with access to the same network (e.g., public Wi-Fi or compromised router) can capture login credentials via Man-in-the-Middle (MitM) techniques. If the attacker subsequently uses the credentials to log in and exploit administrative functions (e.g., file upload), this may lead to remote code execution depending on the environment.

INFO

Published Date :

2025-06-18T00:00:00.000Z

Last Modified :

2025-06-20T15:48:36.524Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2025-26199 vulnerability.

Vendors Products
Vishalmathur
  • Cloudclassroom-php Project
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-26199.

URL Resource
https://gist.github.com/tansique-17/6e01bb1b8a09ef499a9b8484a8dc2487 cve-icon cve-icon
https://github.com/tansique-17/CVE-2025-26199/tree/main cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact