CVE-2025-10424 | 1000projects Online Student Project Report Submission and Evaluation System faculty_controller.php unrestricted upload

Inserito da Angelo Barbosa | Set 14, 2025 | CVE

A vulnerability identified as critical has been detected in 1000projects Online Student Project Report Submission and Evaluation System 1.0. The affected element is an unknown function of the file /admin/controller/faculty_controller.php. This manipulation of the argument new_image causes unrestricted upload.

This vulnerability is tracked as CVE-2025-10424. The attack is possible to be carried out remotely. Moreover, an exploit is present.

CVE-2025-10424 | 1000projects Online Student Project Report Submission and Evaluation System faculty_controller.php unrestricted upload

Post correlati

CVE-2024-41715 | goTenna Pro ATAK Plugin up to 1.9.12 Length observable response discrepancy (icsa-24-270-05)

CVE-2024-52277 | DocuSeal up to 1.8.1 clickjacking

CVE-2024-5110 | Campcodes Complete Web-Based School Management System 1.0 student_payment_invoice.php index sql injection

CVE-2024-20806 | Samsung Mobile Devices Notification Service access control