CVE-2025-12862 | projectworlds Online Notes Sharing Platform 1.0 userprofile.php image unrestricted upload

Inserito da Angelo Barbosa | Nov 7, 2025 | CVE

A vulnerability, which was classified as critical, was found in projectworlds Online Notes Sharing Platform 1.0. Affected by this issue is some unknown functionality of the file /dashboard/userprofile.php. Such manipulation of the argument image leads to unrestricted upload.

This vulnerability is listed as CVE-2025-12862. The attack may be performed from remote. In addition, an exploit is available.

CVE-2025-12862 | projectworlds Online Notes Sharing Platform 1.0 userprofile.php image unrestricted upload

Post correlati

CVE-2024-1150 | Snow Inventory Agent up to 7.3.1 on Unix signature verification

CVE-2025-4826 | TOTOLINK A702R/A3002R/A3002RU 3.0.0-B20230809.1615 HTTP POST Request /boafrm/formWirelessTbl submit-url buffer overflow

CVE-2025-9384 | appneta tcpreplay up to 4.5.1 parse_args.c tcpedit_post_args null pointer dereference (Issue 971)

CVE-2025-8555 | atjiu pybbs up to 6.0.0 /search keyword cross site scripting (Issue 208)