Description
A vulnerability was found in code-projects Chamber of Commerce Membership Management System 1.0. Impacted is an unknown function of the file /membership_profile.php of the component Your Info Handler. Performing manipulation of the argument Full Name/Address/City/State results in cross site scripting. The attack is possible to be carried out remotely. The exploit has been made public and could be used.
Published: 2025-12-07
Score: 4.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 10 Dec 2025 18:00:00 +0000

Type Values Removed Values Added
First Time appeared Fabian
Fabian chamber Of Commerce Membership Management System
CPEs cpe:2.3:a:fabian:chamber_of_commerce_membership_management_system:1.0:*:*:*:*:*:*:*
Vendors & Products Fabian
Fabian chamber Of Commerce Membership Management System

Tue, 09 Dec 2025 10:15:00 +0000

Type Values Removed Values Added
First Time appeared Code-projects
Code-projects chamber Of Commerce Membership Management System
Vendors & Products Code-projects
Code-projects chamber Of Commerce Membership Management System

Mon, 08 Dec 2025 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Sun, 07 Dec 2025 23:45:00 +0000

Type Values Removed Values Added
Description A vulnerability was found in code-projects Chamber of Commerce Membership Management System 1.0. Impacted is an unknown function of the file /membership_profile.php of the component Your Info Handler. Performing manipulation of the argument Full Name/Address/City/State results in cross site scripting. The attack is possible to be carried out remotely. The exploit has been made public and could be used.
Title code-projects Chamber of Commerce Membership Management System Your Info membership_profile.php cross site scripting
Weaknesses CWE-79
CWE-94
References
Metrics cvssV2_0

{'score': 3.3, 'vector': 'AV:N/AC:L/Au:M/C:N/I:P/A:N/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 2.4, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 2.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 4.8, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P'}

Subscriptions

Code-projects Chamber Of Commerce Membership Management System
Fabian Chamber Of Commerce Membership Management System
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2025-12-08T17:11:46.733Z

Reserved: 2025-12-07T08:00:31.656Z

Link: CVE-2025-14205

cve-icon Vulnrichment

Updated: 2025-12-08T17:01:47.072Z

cve-icon NVD

Status : Analyzed

Published: 2025-12-08T00:15:45.413

Modified: 2025-12-10T17:47:46.137

Link: CVE-2025-14205

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-12-08T09:39:20Z

Weaknesses