CVE-2025-70151 | code-projects Scholars Tracking System 1.0 Endpoint update_profile_picture.php unrestricted upload

Inserito da Angelo Barbosa | Feb 18, 2026 | CVE

A vulnerability was found in code-projects Scholars Tracking System 1.0. It has been classified as critical. This affects an unknown part of the file update_profile_picture.php of the component Endpoint. This manipulation causes unrestricted upload.

This vulnerability is registered as CVE-2025-70151. Remote exploitation of the attack is possible. No exploit is available.

CVE-2025-70151 | code-projects Scholars Tracking System 1.0 Endpoint update_profile_picture.php unrestricted upload

Post correlati

CVE-2023-46141 | Phoenix Contact Automation Worx Software Suite permission assignment (VDE-2023-055)

CVE-2024-36575 | getsetprop 1.1.0 global.accessor prototype pollution

CVE-2024-27244 | Zoom Workplace VDI App prior 5.17.10 on Windows Installer data authenticity (ZSB-24015)

CVE-2025-5788 | TOTOLINK X15 1.0.0-B20230714.1105 HTTP POST Request formReflashClientTbl submit-url buffer overflow