Description
A security vulnerability has been detected in code-projects Student File Management System 1.0. This affects an unknown part of the file /save_file.php. Such manipulation of the argument File leads to unrestricted upload. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.
Published: 2025-12-24
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 30 Dec 2025 22:15:00 +0000

Type Values Removed Values Added
First Time appeared Fabian
Fabian student File Management System
CPEs cpe:2.3:a:fabian:student_file_management_system:1.0:*:*:*:*:*:*:*
Vendors & Products Fabian
Fabian student File Management System

Wed, 24 Dec 2025 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 24 Dec 2025 12:00:00 +0000

Type Values Removed Values Added
First Time appeared Code-projects
Code-projects student Management System
Vendors & Products Code-projects
Code-projects student Management System

Wed, 24 Dec 2025 01:00:00 +0000

Type Values Removed Values Added
Description A security vulnerability has been detected in code-projects Student File Management System 1.0. This affects an unknown part of the file /save_file.php. Such manipulation of the argument File leads to unrestricted upload. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.
Title code-projects Student File Management System save_file.php unrestricted upload
Weaknesses CWE-284
CWE-434
References
Metrics cvssV2_0

{'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}

Subscriptions

Code-projects Student Management System
Fabian Student File Management System
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2025-12-24T14:21:48.005Z

Reserved: 2025-12-23T14:23:52.060Z

Link: CVE-2025-15050

cve-icon Vulnrichment

Updated: 2025-12-24T14:21:42.624Z

cve-icon NVD

Status : Analyzed

Published: 2025-12-24T01:16:14.810

Modified: 2026-04-29T01:00:01.613

Link: CVE-2025-15050

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-12-24T11:51:01Z

Weaknesses