Description

A vulnerability, which was classified as critical, has been found in ashinigit 天青一白 XueShengZhuSu 学生住宿管理系统 up to 4d3f0ada0e71482c1e51fd5f5615e5a3d8bcbfbb. This issue affects some unknown processing of the file /upload/ of the component Image File Upload. The manipulation of the argument File leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.

INFO

Published Date :

2025-05-31T14:00:13.164Z

Last Modified :

2025-06-02T15:47:46.671Z

Source :

VulDB
AFFECTED PRODUCTS

The following products are affected by CVE-2025-5380 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-5380.

URL Resource
https://gitee.com/ashinigit/XueShengZhuSu/issues/IC9VZD cve-icon cve-icon cve-icon
https://vuldb.com/?ctiid.310673 cve-icon cve-icon
https://vuldb.com/?id.310673 cve-icon cve-icon
https://vuldb.com/?submit.583119 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact
Detailed values of each vector for above chart.
Access Vector
Access Complexity
Authentication
Confidentiality Impact
Integrity Impact
Availability Impact