Lucene search
K
Code-projectsLibrary System

4 matches found

CVE
CVE
added 2025/07/10 7:32 p.m.31 views

CVE-2025-7412

CVE-2025-7412 concerns code-projects Library System 1.0. The vulnerability lies in /user/student/profile.php where manipulation of the image parameter enables unrestricted file upload. Allied reports (Red Hat, NVD, CNVD, PT-Security, CNVD, etc.) consistently describe the issue as a critical, remo...

8.8CVSS6.5AI score0.00311EPSS
Web
CVE
CVE
added 2025/07/10 8:2 p.m.22 views

CVE-2025-7413

The CVE-2025-7413 issue affects code-projects Library System 1.0, specifically the /user/teacher/profile.php file. The root cause is improper handling/validation of the image parameter, which allows unrestricted file uploads. This enables remote initiation of an attack and matches the reported pu...

8.8CVSS7.2AI score0.00311EPSS
Web
CVE
CVE
added 2025/11/24 3:2 a.m.13 views

CVE-2025-13580

The CVE-2025-13580 entry relates to Library System 1.0 (code-projects). Multiple connected sources confirm SQL injection in the /mail.php file caused by unsafely handling the ID parameter, enabling remote exploitation. Descriptions consistently attribute the vulnerability to lack of input validat...

8.8CVSS6.7AI score0.00267EPSS
CVE
CVE
added 2025/11/24 2:32 a.m.9 views

CVE-2025-13579

CVE-2025-13579 affects code-projects Library System 1.0, specifically the file /return.php. Multiple connected records confirm a SQL Injection vulnerability originating from the ID parameter, enabling remote exploitation. The vulnerability is widely documented across CVE feeds (NVD/NVD mirror, RH...

8.8CVSS6.7AI score0.00267EPSS