PT-2025-34726 · Unknown · 1000Projects Online Project Report Submission/Evaluation System
Ustc-L1Nk · Published 2025-08-26 · Updated 2025-08-26 · CVE-2025-9434
5.0 Medium
Base vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions:
1000projects Online Project Report Submission and Evaluation System version 1.0
Description:
A cross-site scripting (XSS) issue exists in 1000projects Online Project Report Submission and Evaluation System version 1.0. Manipulation of the `desc` argument in the file `/admin/edit title.php?id=1` can trigger it. The attack may be launched remotely, and the issue has been publicly disclosed.
Recommendations:
As a temporary workaround, consider restricting access to the `/admin/edit title.php` file to minimize the risk of exploitation.
Exploit
Fix
Code Injection
XSS