CVE-2025-11657 – ProjectsAndPrograms School Management System createNotice.php unrestricted upload

CVE ID : CVE-2025-11657

Published : Oct. 13, 2025, 3:15 a.m. | 1 hour, 23 minutes ago

Description : A security vulnerability has been detected in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This impacts an unknown function of the file /assets/createNotice.php. The manipulation of the argument File leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…