CVE-2025-56295
HIGHCVSS v3.1: 7.3 · EPSS: 0.0031 (23.0 percentile)
Source data as of:
At a glance
- Severity
- HIGH
- CVSS
- 7.3 v3.1 · NVD
- EPSS
- 0.0031 (23.0 percentile) · FIRST.org
- CISA KEV
- No
- Type
- Unrestricted Upload · NVD CWE
- Attack conditions (CVSS vector)
- Network · Source: NVD Vector
- Affected vendors
- carmelo
- Published
- 2025-09-16 · Modified: 2026-07-05
- References
- Jump to references (1)
CVSS / EPSS / KEV
Source — CVSS: NVD · EPSS: FIRST.org · KEV: CISA. Data & Sources
Description
code-projects Computer Laboratory System 1.0 has a file upload vulnerability. Staff can upload malicious files by uploading PHP backdoor files when modifying personal avatar information and use web shell connection tools to obtain server permissions.
References
Reference URLs as listed by NVD, grouped by a mechanical match on the link's host/pattern. Labels describe the link type only.