A security flaw has been discovered in 1000projects Online Project Report Submission and Evaluation System 1.0. Affected is an unknown function of the file /admin/add_student.php. The manipulation of the argument address results in cross site scripting. The attack can be executed remotely. The exploit has been released to the public and may be exploited.
History

Tue, 02 Sep 2025 18:15:00 +0000

Type Values Removed Values Added
First Time appeared 1000projects online Student Project Report Submission And Evaluation System
CPEs cpe:2.3:a:1000projects:online_student_project_report_submission_and_evaluation_system:1.0:*:*:*:*:*:*:*
Vendors & Products 1000projects online Student Project Report Submission And Evaluation System

Tue, 26 Aug 2025 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 26 Aug 2025 07:30:00 +0000

Type Values Removed Values Added
First Time appeared 1000projects
1000projects online Project Report Submission And Evaluation System
Vendors & Products 1000projects
1000projects online Project Report Submission And Evaluation System

Tue, 26 Aug 2025 02:15:00 +0000

Type Values Removed Values Added
Description A security flaw has been discovered in 1000projects Online Project Report Submission and Evaluation System 1.0. Affected is an unknown function of the file /admin/add_student.php. The manipulation of the argument address results in cross site scripting. The attack can be executed remotely. The exploit has been released to the public and may be exploited.
Title 1000projects Online Project Report Submission and Evaluation System add_student.php cross site scripting
Weaknesses CWE-79
CWE-94
References
Metrics cvssV2_0

{'score': 5, 'vector': 'AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 4.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2025-08-26T18:57:27.627Z

Reserved: 2025-08-25T13:43:26.962Z

Link: CVE-2025-9438

cve-icon Vulnrichment

Updated: 2025-08-26T18:56:09.347Z

cve-icon NVD

Status : Analyzed

Published: 2025-08-26T02:15:37.907

Modified: 2025-09-02T18:14:33.470

Link: CVE-2025-9438

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-08-26T07:20:38Z