CVE-2025-14195
published 2025-12-07CVE-2025-14195: A security flaw has been discovered in code-projects Employee Profile Management System 1.0. Impacted is an unknown function of the file…
low2.1CVSS 4.0
AVNACLATNPRLUINVCLVILVALSCNSINSANEPCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
A security flaw has been discovered in code-projects Employee Profile Management System 1.0. Impacted is an unknown function of the file /profiling/add_file_query.php. The manipulation of the argument per_file results in unrestricted upload. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| carmelogarcia | employee_profile_management_system | — | — |
| code-projects | employee_profile_management_system | — | — |
| msrc | azl3_qemu_8.2.0-16_on_azure_linux_3.0 | — | — |
| msrc | cbl2_qemu_6.2.0-24_on_cbl_mariner_2.0 | — | — |