CVE-2025-7124

Name of the Vulnerable Software and Affected Versions: code-projects Online Note Sharing version 1.0

Description: A critical issue has been discovered, affecting an unknown function of the file /dashboard/userprofile.php of the component Profile Image Handler. The manipulation of the image argument leads to unrestricted upload. This issue can be exploited remotely.

Recommendations: For code-projects Online Note Sharing version 1.0, consider restricting access to the /dashboard/userprofile.php file to minimize the risk of exploitation. As a temporary workaround, avoid using the image argument in the affected component until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.