CNNVD-202512-1039 Information

CNNVD ID

CNNVD-202512-1039

Related CVE

CVE-2025-14205

• CNNVD Published: 2025-12-08

Description (Chinese)

Code-Projects Intern Membership Management System是Code-Projects开源的一个实习生会员管理系统。 Code-Projects Intern Membership Management System 1.0版本存在代码注入漏洞，该漏洞源于对文件/membership_profile.php中参数Full Name/Address/City/State的错误操作，可能导致跨站脚本攻击。

Description (English)

Code-Projects Inter-Membership Management System is an open-source intern member management system for Code-Projects. Version 1.0 of Code-Project InterMembership Management System contains a code-injection loophole, which results from a mishandling of the parameter Full Name/Address/City/State in the file/membership profile.php, which may result in a cross-site script attack.

Hazard Level

Critical

Vulnerability Type

代码注入

Affected Vendor

Code-Projects

Published

2025-12-08

Last Modified

2026-02-24

References

https://code-projects.org/ https://vuldb.com/?ctiid.334648 https://vuldb.com/?id.334648 https://vuldb.com/?submit.700421 https://www.yuque.com/u42535181/pm5nde/ky49h1xg6si9d3m8#zdDXX https://access.redhat.com/security/cve/cve-2025-14205