CVE-2025-70151

EUVD-2025-207783

18.02.2026, 18:24

code-projects Scholars Tracking System 1.0 allows an authenticated attacker to achieve remote code execution via unrestricted file upload. The endpoints update_profile_picture.php and upload_picture.php store uploaded files in a web-accessible uploads/ directory using the original, user-supplied filename without validating the file type or extension. By uploading a PHP file and then requesting it from /uploads/, an attacker can execute arbitrary PHP code as the web server user.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	8.8 HIGH	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Affected Products (NVD)

Vendor	Product	Version
fabian	scholars_tracking_system	1.0

𝑥

= Vulnerable software versions

Known Exploits!

https://youngkevinn.github.io/posts/CVE-2025-70151-Scholars-FileUpload-RCE/

Common Weakness Enumeration

CWE-434 - Unrestricted Upload of File with Dangerous Type
The software allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment.

References

https://code-projects.org/scholars-tracking-system-in-php-with-source-code/

https://youngkevinn.github.io/posts/CVE-2025-70151-Scholars-FileUpload-RCE/