PT-2025-51141 · Code Projects · Computer Laboratory System Version 1.0
Yohane-Mashiro
·
Published
2025-12-14
·
Updated
2025-12-14
·
CVE-2025-14642
CVSS v3.1
7.2
High
| Vector | AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
code-projects Computer Laboratory System version 1.0
Description
A flaw exists in code-projects Computer Laboratory System 1.0 that allows for unrestricted file uploads through manipulation of the
image argument in the technical staff pic.php file. This issue can be exploited remotely. The exploit details have been publicly disclosed.Recommendations
Apply restrictions to file uploads in the
technical staff pic.php file.
Sanitize the image argument to prevent unrestricted uploads.
Disable or restrict access to the technical staff pic.php file as a temporary measure.Exploit
Fix
Improper Access Control
Unrestricted File Upload
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Computer Laboratory System Version 1.0