PT-2025-51141 · Code Projects · Computer Laboratory System Version 1.0

Yohane-Mashiro

·

Published

2025-12-14

·

Updated

2025-12-14

·

CVE-2025-14642

CVSS v3.1
7.2
VectorAV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions code-projects Computer Laboratory System version 1.0
Description A flaw exists in code-projects Computer Laboratory System 1.0 that allows for unrestricted file uploads through manipulation of the 
image
argument in the 
technical staff pic.php
file. This issue can be exploited remotely. The exploit details have been publicly disclosed.
Recommendations Apply restrictions to file uploads in the 
technical staff pic.php
file. Sanitize the 
image
argument to prevent unrestricted uploads. Disable or restrict access to the 
technical staff pic.php
file as a temporary measure.

Exploit

Fix

Unrestricted File Upload

Improper Access Control

Weakness Enumeration

CWE-434CWE-284

Related Identifiers

CVE-2025-14642

Affected Products

Computer Laboratory System Version 1.0