CVE-2025-14583

Description

A flaw has been found in campcodes Online Student Enrollment System 1.0. This impacts an unknown function of the file /admin/register.php. Executing manipulation of the argument photo can lead to unrestricted upload. The attack can be launched remotely. The exploit has been published and may be used.

PUBLISHED Reserved 2025-12-12 | Published 2025-12-12 | Updated 2025-12-15 | Assigner VulDB

Problem types

Unrestricted Upload

Improper Access Controls

Product status

Timeline

Credits

joajoa (VulDB User) reporter

References

vuldb.com/?id.336203 (VDB-336203 | campcodes Online Student Enrollment System register.php unrestricted upload) vdb-entry technical-description

vuldb.com/?ctiid.336203 (VDB-336203 | CTI Indicators (IOB, IOC, TTP, IOA)) signature permissions-required

vuldb.com/?submit.705525 (Submit #705525 | campcodes Online Student Enrollment System V1.0 Unrestricted Upload) third-party-advisory

github.com/CHENCHOUCHOU/vuln/issues/1 exploit issue-tracking

www.campcodes.com/ product

cve.org (CVE-2025-14583)

nvd.nist.gov (CVE-2025-14583)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.