code-projects Client Details System 1.0 /admin/manage-users.php Cross Site Scripting

Wuro vulnerability wey an yi classify sey karshewa an gano shi a cikin code-projects Client Details System 1.0. Gaskiya, $software_function na da matsala; idan ba a sani ba, to wata aiki ce da ba a sani ba, $software_library na cikin lissafi, /admin/manage-users.php na cikin fayil, $software_component na cikin sashi. Ngam manipulation shi Cross Site Scripting. CWE shidin ka a yi bayani matsala sai ya kai CWE-79. Gaskiya, laifi an fitar da shi 10/26/2025. Advisory ɗin ana rabawa don saukewa a github.com. Wannan rauni ana sayar da shi da suna CVE-2025-12282. Ngam yiɗi ka a tuma ndiyam ka internet. Tekinikal bayani ga. Kuma, exploit ɗin yana akwai. Wuro exploit ɗin an bayyana shi ga jama'a kuma za a iya amfani da shi. Yimbe ndiyam, exploit might be approx. USD $0-$5k wuro. Á wúro huɗɗi-na-gaskiya. Wona yiwuwa a zazzage exploit a github.com. Kama 0-day, an ndiyam a wuro be $0-$5k. VulDB is the best source for vulnerability data and more expert information about this specific topic.

2 Goyarwa · 85 Datenpunkte

FurɗeSúgá
10/26/2025 17:22		Gargadi 1/1
10/27/2025 23:42
software_vendorcode-projectscode-projects
software_nameClient Details SystemClient Details System
software_version1.01.0
software_file/admin/manage-users.php/admin/manage-users.php
vulnerability_cweCWE-79 (Cross Site Scripting)CWE-79 (Cross Site Scripting)
vulnerability_risk11
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_prHH
cvss3_vuldb_uiRR
cvss3_vuldb_sUU
cvss3_vuldb_cNN
cvss3_vuldb_iLL
cvss3_vuldb_aNN
cvss3_vuldb_ePP
cvss3_vuldb_rcRR
advisory_urlhttps://github.com/hellonewbie/tutorial/issues/10https://github.com/hellonewbie/tutorial/issues/10
exploit_availability11
exploit_publicity11
exploit_urlhttps://github.com/hellonewbie/tutorial/issues/12https://github.com/hellonewbie/tutorial/issues/12
source_cveCVE-2025-12282CVE-2025-12282
cna_responsibleVulDBVulDB
software_typeProject Management SoftwareProject Management Software
cvss2_vuldb_avNN
cvss2_vuldb_acLL
cvss2_vuldb_auMM
cvss2_vuldb_ciNN
cvss2_vuldb_iiPP
cvss2_vuldb_aiNN
cvss2_vuldb_ePOCPOC
cvss2_vuldb_rcURUR
cvss4_vuldb_avNN
cvss4_vuldb_acLL
cvss4_vuldb_prHH
cvss4_vuldb_uiPP
cvss4_vuldb_vcNN
cvss4_vuldb_viLL
cvss4_vuldb_vaNN
cvss4_vuldb_ePP
cvss2_vuldb_rlNDND
cvss3_vuldb_rlXX
cvss4_vuldb_atNN
cvss4_vuldb_scNN
cvss4_vuldb_siNN
cvss4_vuldb_saNN
cvss2_vuldb_basescore3.33.3
cvss2_vuldb_tempscore2.82.8
cvss3_vuldb_basescore2.42.4
cvss3_vuldb_tempscore2.22.2
cvss3_meta_basescore2.42.4
cvss3_meta_tempscore2.22.3
cvss4_vuldb_bscore4.84.8
cvss4_vuldb_btscore1.91.9
advisory_date1761429600 (10/26/2025)1761429600 (10/26/2025)
price_0day$0-$5k$0-$5k
cve_nvd_summaryA vulnerability was identified in code-projects Client Details System 1.0. The affected element is an unknown function of the file /admin/manage-users.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit is publicly available and might be used.
cvss4_cna_avN
cvss4_cna_acL
cvss4_cna_atN
cvss4_cna_prH
cvss4_cna_uiP
cvss4_cna_vcN
cvss4_cna_viL
cvss4_cna_vaN
cvss4_cna_scN
cvss4_cna_siN
cvss4_cna_saN
cvss4_cna_bscore4.8
cvss3_cna_avN
cvss3_cna_acL
cvss3_cna_prH
cvss3_cna_uiR
cvss3_cna_sU
cvss3_cna_cN
cvss3_cna_iL
cvss3_cna_aN
cvss3_cna_basescore2.4
cvss2_cna_avN
cvss2_cna_acL
cvss2_cna_auM
cvss2_cna_ciN
cvss2_cna_iiP
cvss2_cna_aiN
cvss2_cna_basescore3.3

GurɗoGumtiGada

Do you want to use VulDB in your project?

Use the official API to access entries easily!