CVE-2025-11347
A vulnerability was found in code-projects Student Crud Operation up to 3.3. This vulnerability affects the function move_uploaded_file of the file add.php of the component Add Student Page/Edit Student Page. Performing manipulation results in unrestricted upload. The attack can be initiated remotely. The exploit has been made public and could be used.
| Software | From | Fixed in |
|---|---|---|
| code-projects / crud_operation_system | - | 3.3.x |
- https://code-projects.org/
- https://github.com/romatdibrohiksnov/vulndb.com/tree/main/Student-Registration-Crud-Operation%20Unauthenticated%20Arbitrary%20File%20Upload%20leads%20to%20Remote%20Code%20Execution
- https://vuldb.com/?ctiid.327232
- https://vuldb.com/?id.327232
- https://vuldb.com/?submit.664897
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime