Code-Projects Student Crud Operation vulnerabilities

CVE-2025-11347 [MEDIUM] CWE-284 CVE-2025-11347: A vulnerability was found in code-projects Student Crud Operation up to 3.3. This vulnerability affe A vulnerability was found in code-projects Student Crud Operation up to 3.3. This vulnerability affects the function move_uploaded_file of the file add.php of the component Add Student Page/Edit Student Page. Performing manipulation results in unrestricted upload. The attack can be initiated remotely. The exploit has been made public and could be us

CVE-2025-11343 [MEDIUM] CWE-74 CVE-2025-11343: A security vulnerability has been detected in code-projects Student Crud Operation 3.3. Affected is A security vulnerability has been detected in code-projects Student Crud Operation 3.3. Affected is an unknown function of the file delete.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used.