GCVE - cpe:2.3:a:carmelo:staff_audit_system:1.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:carmelo:staff_audit_system:1.0:*:*:*:*:*:*:*

part: a version: 1.0 update: *

Vendor	Carmelo (`6b035a27-935d-5e7e-afc6-e62cb1b98eda`)
Product	Staff Audit System (`505875c7-4882-5fd5-be74-0ab81b26f123`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-7181`	vulnerable	2026-06-03 15:12:30.625077	code-projects Staff Audit System test.php unrestricted upload MEDIUM (6.3) A vulnerability, which was classified as critical, was found in code-projects Staff Audit System 1.0. Affected is an unknown function of the file /test.php. The manipulation of the argument uploadedfile leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Published: 2025-07-08T14:02:05.702Z Updated: 2025-07-08T16:10:46.389Z Open on db.gcve.eu Reference links https://vuldb.com/?id.315120 https://vuldb.com/?ctiid.315120 https://vuldb.com/?submit.606917 https://github.com/kn1g78/cve/blob/main/staff2/staff2.md https://code-projects.org/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-7180`	vulnerable	2026-06-03 15:12:30.624713	code-projects Staff Audit System login.php sql injection HIGH (7.3) A vulnerability, which was classified as critical, has been found in code-projects Staff Audit System 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument User leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Published: 2025-07-08T13:32:05.221Z Updated: 2025-07-08T14:08:15.676Z Open on db.gcve.eu Reference links https://vuldb.com/?id.315119 https://vuldb.com/?ctiid.315119 https://vuldb.com/?submit.606916 https://github.com/kn1g78/cve/blob/main/staff1/staff1.md https://code-projects.org/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-6884`	vulnerable	2026-06-03 15:12:29.257095	code-projects Staff Audit System search_index.php sql injection MEDIUM (6.3) A vulnerability, which was classified as critical, has been found in code-projects Staff Audit System 1.0. This issue affects some unknown processing of the file /search_index.php. The manipulation of the argument Search leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Published: 2025-06-30T03:02:05.826Z Updated: 2025-06-30T15:26:09.053Z Open on db.gcve.eu Reference links https://vuldb.com/?id.314363 https://vuldb.com/?ctiid.314363 https://vuldb.com/?submit.603720 https://github.com/qingchuana/q1ngchuan/issues/8 https://code-projects.org/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-6883`	vulnerable	2026-06-03 15:12:29.256486	code-projects Staff Audit System update_index.php sql injection MEDIUM (6.3) A vulnerability classified as critical was found in code-projects Staff Audit System 1.0. This vulnerability affects unknown code of the file /update_index.php. The manipulation of the argument updateid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Published: 2025-06-30T02:32:05.622Z Updated: 2025-06-30T15:27:21.173Z Open on db.gcve.eu Reference links https://vuldb.com/?id.314362 https://vuldb.com/?ctiid.314362 https://vuldb.com/?submit.603719 https://github.com/qingchuana/q1ngchuan/issues/7 https://code-projects.org/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.