CNNVD-202510-1106 Information
CNNVD ID
CNNVD-202510-1106
Related CVE
- CNNVD Published: 2025-10-07
Description (Chinese)
Code-Projects Student Crud Operation是Code-Projects开源的一个学生信息系统 Code-Projects Student Crud Operation 3.3及之前版本存在代码问题漏洞,该漏洞源于对文件add.php中move_uploaded_file函数的操作不当,可能导致任意文件上传。
Description (English)
Code-Projects Stuart Crud Operation is an open-source student information system for Code-Projects The Code-Projects Manual Operation 3.3 and previous versions had a code gap, which stemmed from the inappropriate operation of the move upload file function in documentadd.php and could lead to any upload.
Hazard Level
Medium
Vulnerability Type
代码问题
Affected Vendor
Code-Projects
Published
2025-10-07
Last Modified
2026-02-24
References
https://code-projects.org/ https://github.com/romatdibrohiksnov/vulndb.com/tree/main/Student-Registration-Crud-Operation%20Unauthenticated%20Arbitrary%20File%20Upload%20leads%20to%20Remote%20Code%20Execution https://vuldb.com/?ctiid.327232 https://vuldb.com/?id.327232 https://vuldb.com/?submit.664897
Share on: