CNNVD-202509-2277 Information

CNNVD ID

CNNVD-202509-2277

Related CVE

CVE-2025-10424

• CNNVD Published: 2025-09-15

Description (Chinese)

1000 Projects Online Student Project Report是1000 Projects开源的一个在线学生项目报告系统。 1000 Projects Online Student Project Report Submission and Evaluation System 1.0版本存在代码问题漏洞，该漏洞源于对文件/admin/controller/faculty_controller.php中参数new_image的错误操作，可能导致任意文件上传。

Description (English)

The 1,000 Projects Online Project Report is an online student project reporting system open to 1,000 Projects. 1000 Projects Online Study Project Report Submission and Evaluation System Version 1.0 has a code-issue loophole, which results from an error in the parameter new image in file/admin/controller/faculty controller.php, which may lead to any upload.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

1000 Projects

Published

2025-09-15

Last Modified

2026-02-24

References

https://github.com/lan041221/cvec/issues/22 https://vuldb.com/?ctiid.323858 https://vuldb.com/?id.323858 https://vuldb.com/?submit.647173 https://vuldb.com/?submit.647176