CVE-2025-4069
published 2025-04-29CVE-2025-4069: A vulnerability, which was classified as critical, has been found in code-projects Product Management System 1.0. Affected by this issue is the function…
medium4.8CVSS 4.0
AVLACLATNPRLUINVCLVILVALSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
A vulnerability, which was classified as critical, has been found in code-projects Product Management System 1.0. Affected by this issue is the function add_item. The manipulation of the argument st.productname leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| code-projects | product_management_system | — | — |
| msrc | cbl2_vim_8.2.4081-1_on_cbl_mariner_2.0 | — | — |
| msrc | cm1_vim_8.2.3668-3_on_cbl_mariner_1.0 | — | — |