Unknown · Code-Projects Document Management System · CVE-2025-8171
**Name of the Vulnerable Software and Affected Versions**
code-projects Document Management System version 1.0
**Description**
A critical issue has been found in code-projects Document Management System that allows for unrestricted file upload through manipulation of the `uploaded file` argument in the `/insert.php` endpoint. The attack can be initiated remotely. The exploit has been publicly disclosed.
**Recommendations**
Address the unrestricted upload issue in the processing of the `/insert.php` file.
Sanitize or validate the `uploaded file` argument to prevent malicious file uploads.