QwikSec

Security Database

CVE

CWE

Training

CVE-2026-25753

Published: Feb 6, 2026

Modified: Feb 9, 2026

PUBLISHED

Description

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the application uses a hard-coded, static default password for all newly created student accounts. This results in mass account takeover, allowing any attacker to log in as any student once the password is known.

Vendor	Product	Versions
Praskla-Technology	assessment-placipy	affected `<= 1.0.0`

Weaknesses (CWE)

References

https://github.com/Praskla-Technology/assessment-placipy/security/advisories/GHSA-6537-cf56-j9w2

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.