code-projects Computer Laboratory System technical_staff_pic.php unrestricted upload_CVE-2025-14642

5.1 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability has been found in code-projects Computer Laboratory System 1.0. Impacted is an unknown function of the file technical_staff_pic.php. Such manipulation of the argument image leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Basic Information

ID CVE-2025-14642

Source VulDB

Published Dec 14, 2025 at 02:32

Affected Product

Vendor code-projects

Product Computer Laboratory System

Version 1.0

Affected Versions code-projects Computer Laboratory System 1.0

CWE Classification

CWE-434 CWE-284

References

{
    "lastseen": "",
    "description": "A vulnerability has been found in code-projects Computer Laboratory System 1.0. Impacted is an unknown function of the file technical_staff_pic.php. Such manipulation of the argument image leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.",
    "published": "2025-12-14T02:32:06.493Z",
    "modified": "2025-12-14T02:32:06.493Z",
    "type": "cve",
    "title": "code-projects Computer Laboratory System technical_staff_pic.php unrestricted upload",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.336375\nhttps://vuldb.com/?ctiid.336375\nhttps://vuldb.com/?submit.707866\nhttps://github.com/Yohane-Mashiro/cve/blob/main/upload%204.md\nhttps://code-projects.org/",
    "id": "CVE-2025-14642",
    "bulletinFamily": "",
    "cwe": [
        "CWE-434",
        "CWE-284"
    ],
    "cvelist": null,
    "sourceData": "code-projects Computer Laboratory System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.1,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Computer Laboratory System",
    "version": "1.0",
    "vendor": "code-projects",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}