Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1325 CNY

100%
Buy Us a Coffee

ProjectsAndPrograms — Vulnerabilities & Security Advisories 11

Browse all 11 CVE security advisories affecting ProjectsAndPrograms. AI-powered Chinese analysis, POCs, and references for each vulnerability.

ProjectsAndPrograms is a project and program management platform designed to streamline organizational workflows and collaboration. Historically, it has been susceptible to multiple vulnerability classes, including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation, with nine CVEs documented to date. The platform's security posture has been compromised by authentication bypass flaws and insufficient input validation, allowing unauthorized access and data manipulation. While no major public incidents have been widely reported, the consistent pattern of vulnerabilities suggests ongoing challenges in secure coding practices, particularly in user access controls and API security implementations.

Top products by ProjectsAndPrograms: School Management System school-management-system
CVE IDTitleCVSSSeverityPublished
CVE-2026-47325 Weak password policy in ProjectsAndPrograms school-management-system — school-management-systemCWE-1391--2026-06-03
CVE-2026-47324 Stored XSS in Multiple Points in ProjectsAndPrograms school-management-system — school-management-systemCWE-79--2026-06-03
CVE-2026-6595 ProjectsAndPrograms School Management System HTTP GET Parameter buslocation.php sql injection — School Management SystemCWE-89 7.3 High2026-04-20
CVE-2026-5472 ProjectsAndPrograms School Management System Profile Picture settings.php unrestricted upload — School Management SystemCWE-434 6.3 Medium2026-04-03
CVE-2025-11661 ProjectsAndPrograms School Management System missing authentication — School Management SystemCWE-306 7.3 High2025-10-13
CVE-2025-11660 ProjectsAndPrograms School Management System uploadSllyabus.php unrestricted upload — School Management SystemCWE-434 7.3 High2025-10-13
CVE-2025-11659 ProjectsAndPrograms School Management System uploadNotes.php unrestricted upload — School Management SystemCWE-434 7.3 High2025-10-13
CVE-2025-11658 ProjectsAndPrograms School Management System changeSllyabus.php unrestricted upload — School Management SystemCWE-434 7.3 High2025-10-13
CVE-2025-11657 ProjectsAndPrograms School Management System createNotice.php unrestricted upload — School Management SystemCWE-434 7.3 High2025-10-13
CVE-2025-11656 ProjectsAndPrograms School Management System editNotes.php unrestricted upload — School Management SystemCWE-434 7.3 High2025-10-13
CVE-2025-11056 ProjectsAndPrograms School Management System select-students.php sql injection — School Management SystemCWE-89 6.3 Medium2025-09-27

This page lists every published CVE security advisory associated with ProjectsAndPrograms. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.