CVE-2025-14642

Affects: code-projects Computer Laboratory System 1.0. The vulnerability is in the file technical_staff_pic.php, where manipulation of the image parameter can lead to unrestricted file upload. This is described across CNVD/CNVD-derived entries and other references as a remote vulnerability with a...

CVE-2025-56295

CVE-2025-56295 affects the code-projects Computer Laboratory System 1.0. The issue is a file upload vulnerability in the avatar modification flow, where the upload feature does not restrict file types, enabling staff to upload malicious PHP backdoor files. This can be leveraged to establish a web...

CVE-2025-14641

The connected CNVD, RH Red Hat entry, CNNVD, EUVD, NVD, CVE/CVEList, and CVE Records describe a vulnerability in code-projects Computer Laboratory System 1.0 affecting /admin/admin_pic.php where mishandling of the image parameter enables unrestricted file upload. This is a remote-exploitable flaw...

CVE-2025-60307

code-projects Computer Laboratory System 1.0 has an SQL injection vulnerability in the login Password field, enabling authentication bypass by supplying a universal password. Root cause: lack of input validation for the Password parameter, allowing crafted SQL statements to bypass login validatio...