VDB-308194 · CVE-2025-4480 · GCVE-100-308194

code-projects Simple College Management System 1.0 Add New Student input name/branch ବଫର୍ ଓଭରଫ୍ଲୋ

Dogoggorri kan akka ଜଟିଳ jedhamuun ramadame code-projects Simple College Management System 1.0 keessatti argameera. Miidhaan irra gahe is hojii input kutaa Add New Student keessa. Dhugumatti jijjiirraa irratti raawwatame name/branch gara ବଫର୍ ଓଭରଫ୍ଲୋ geessa. Waliigalteewwan CWE fayyadamuun rakkoo ibsuun gara CWE-121 si geessa. Beekumsi kun yeroo 05/09/2025 ifoomsifameera. Odeeffannoon kun buufachuuf github.com irratti dhiyaateera. Dogoggorri kun maqaa CVE-2025-4480 jedhuun tajaajilama. Weerara sun bakka dhuunfaatti qofa raawwatamuu danda'a. Odeeffannoon teeknikaa ni argama. Akka dabalataan, meeshaa balaa kana fayyadamuuf argama. Qorannoo miidhaa (exploit) beeksifamee jira, namoonni itti fayyadamuu danda'u. Yeroo ammaa, gatii exploit might be approx. USD $0-$5k beekamuu danda'a. ପ୍ରୁଫ୍-ଅଫ୍-କନ୍ସେପ୍ଟ jedhamee murtaa’eera. Exploit kana github.com irraa buufachuu ni dandeessa. Waggaa 0-day ta'ee, gatiin isaa daldala dhoksaa keessatti $0-$5k jedhamee tilmaamame. Once again VulDB remains the best source for vulnerability data.

2 ଆଡାପ୍ଟେସନ୍ · 98 ପଏଣ୍ଟ

ଫିଲ୍ଡ	ସୃଷ୍ଟି ହୋଇଛି 05/09/2025 01:45 PM	ଅଦ୍ୟତନ 1/1 10/24/2025 12:44 AM
software_vendor	code-projects	code-projects
software_name	Simple College Management System	Simple College Management System
software_version	1.0	1.0
software_component	Add New Student	Add New Student
software_function	input	input
software_argument	name/branch	name/branch
vulnerability_cwe	CWE-121 (ବଫର୍ ଓଭରଫ୍ଲୋ)	CWE-121 (ବଫର୍ ଓଭରଫ୍ଲୋ)
vulnerability_risk	2	2
cvss3_vuldb_av	L	L
cvss3_vuldb_ac	L	L
cvss3_vuldb_pr	L	L
cvss3_vuldb_ui	N	N
cvss3_vuldb_s	U	U
cvss3_vuldb_c	L	L
cvss3_vuldb_i	L	L
cvss3_vuldb_a	L	L
cvss3_vuldb_e	P	P
cvss3_vuldb_rc	R	R
advisory_url	https://github.com/zzzxc643/cve/blob/main/SIMPLE_COLLEGE_MANAGEMENT_SYSTEM.md	https://github.com/zzzxc643/cve/blob/main/SIMPLE_COLLEGE_MANAGEMENT_SYSTEM.md
exploit_availability	1	1
exploit_publicity	1	1
exploit_url	https://github.com/zzzxc643/cve/blob/main/SIMPLE_COLLEGE_MANAGEMENT_SYSTEM.md	https://github.com/zzzxc643/cve/blob/main/SIMPLE_COLLEGE_MANAGEMENT_SYSTEM.md
source_cve	CVE-2025-4480	CVE-2025-4480
cna_responsible	VulDB	VulDB
software_type	Project Management Software	Project Management Software
cvss2_vuldb_av	L	L
cvss2_vuldb_ac	L	L
cvss2_vuldb_ci	P	P
cvss2_vuldb_ii	P	P
cvss2_vuldb_ai	P	P
cvss2_vuldb_e	POC	POC
cvss2_vuldb_rc	UR	UR
cvss4_vuldb_av	L	L
cvss4_vuldb_ac	L	L
cvss4_vuldb_pr	L	L
cvss4_vuldb_ui	N	N
cvss4_vuldb_vc	L	L
cvss4_vuldb_vi	L	L
cvss4_vuldb_va	L	L
cvss4_vuldb_e	P	P
cvss2_vuldb_au	S	S
cvss2_vuldb_rl	ND	ND
cvss3_vuldb_rl	X	X
cvss4_vuldb_at	N	N
cvss4_vuldb_sc	N	N
cvss4_vuldb_si	N	N
cvss4_vuldb_sa	N	N
cvss2_vuldb_basescore	4.3	4.3
cvss2_vuldb_tempscore	3.7	3.7
cvss3_vuldb_basescore	5.3	5.3
cvss3_vuldb_tempscore	4.8	4.8
cvss3_meta_basescore	5.3	6.1
cvss3_meta_tempscore	4.8	6.0
cvss4_vuldb_bscore	4.8	4.8
cvss4_vuldb_btscore	1.9	1.9
advisory_date	1746741600 (05/09/2025)	1746741600 (05/09/2025)
price_0day	$0-$5k	$0-$5k
cvss3_cna_av		L
cvss3_cna_ac		L
cvss3_cna_pr		L
cvss3_cna_ui		N
cvss3_cna_s		U
cvss3_cna_c		L
cvss3_cna_i		L
cvss3_cna_a		L
cvss3_cna_basescore		5.3
cvss3_nvd_av		L
cvss3_nvd_ac		L
cvss3_nvd_pr		L
cvss3_nvd_ui		N
cvss3_nvd_s		U
cvss3_nvd_c		H
cvss3_nvd_i		H
cvss3_nvd_a		H
cvss3_nvd_basescore		7.8
cvss2_cna_av		L
cvss2_cna_ac		L
cvss2_cna_au		S
cvss2_cna_ci		P
cvss2_cna_ii		P
cvss2_cna_ai		P
cvss2_cna_basescore		4.3
cve_nvd_summary		A vulnerability was found in code-projects Simple College Management System 1.0. It has been declared as critical. This vulnerability affects the function input of the component Add New Student. The manipulation of the argument name/branch leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.
cve_nvd_summaryes		Se encontró una vulnerabilidad en code-projects Simple College Management System 1.0. Se ha declarado crítica. Esta vulnerabilidad afecta la entrada de la función del componente "Add New Student". La manipulación del argumento nombre/rama provoca un desbordamiento del búfer en la pila. Es posible lanzar el ataque en el host local. Se ha hecho público el exploit y puede que sea utilizado.
cvss4_cna_av		L
cvss4_cna_ac		L
cvss4_cna_at		N
cvss4_cna_pr		L
cvss4_cna_ui		N
cvss4_cna_vc		L
cvss4_cna_vi		L
cvss4_cna_va		L
cvss4_cna_sc		N
cvss4_cna_si		N
cvss4_cna_sa		N
cvss4_cna_bscore		4.8

◂ ପଛକୁ ସମୀକ୍ଷା ଆହୁରି ଦୂରରେ ▸

Might our Artificial Intelligence support you?

Check our Alexa App!