CVE-2025-10447

A vulnerability was detected in Campcodes Online Job Finder System 1.0. The impacted element is an unknown function of the file /eris/applicationform.php. The manipulation of the argument picture results in unrestricted upload. It is possible to launch the attack remotely. The exploit is now public and may be used.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.3 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
VulDBCNA
7.3 HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 18%
VendorProductVersion
campcodesonline_job_finder_system
1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/HAO-RAY/HCR-CVE/issues/6
https://vuldb.com/?ctiid.323881
https://vuldb.com/?id.323881
https://vuldb.com/?submit.648014
https://www.campcodes.com/
https://github.com/HAO-RAY/HCR-CVE/issues/6