CVE-2025-14205

Name of the Vulnerable Software and Affected Versions code-projects Chamber of Commerce Membership Management System version 1.0

Description A flaw exists in the Your Info Handler component of the software, specifically within the /membership profile.php file. Manipulation of the Full Name, Address, City, or State arguments can lead to cross site scripting. This issue is remotely exploitable, and details about the exploit are publicly available.

Recommendations Apply a fix for version 1.0 to address the cross site scripting issue. As a temporary workaround, consider sanitizing the Full Name, Address, City, and State input parameters to prevent malicious script injection.