projectworlds Advanced Library Management System CVE-2025-11425
Severity (by source): LOW

CVSS Vector (NVD; primary rating from NVD, the only source for this CVE):
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description (CVE.org)
A vulnerability was identified in projectworlds Advanced Library Management System 1.0. Affected is an unknown function of the file /edit_admin.php. The manipulation of the argument firstname leads to cross-site scripting. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. Other parameters might be affected as well.
Analysis (AI)
Stored cross-site scripting in projectworlds Advanced Library Management System 1.0 allows authenticated users with high privileges to inject malicious scripts via the firstname parameter in /edit_admin.php, affecting other users who view admin profiles. Exploitation requires high-privilege authentication and user interaction (UI:P), limiting real-world impact despite network accessibility. Public exploit code exists and EPSS exploitation probability is minimal at 0.03%, suggesting this remains a low-priority vulnerability despite CVE assignment.
Technical Context (AI)
The vulnerability exists in the PHP-based Advanced Library Management System, specifically in the /edit_admin.php endpoint, where the firstname parameter is not sanitized before storage or display. This is a classic CWE-79 (Improper Neutralization of Input During Web Page Generation) weakness. The affected parameter likely lacks proper output encoding (htmlspecialchars or equivalent) or input validation when admin profile data is processed. Whether and how injected content executes depends on the context in which the admin interface renders the stored value: HTML body, HTML attribute, or JavaScript.
Remediation (AI)
Immediate patched version information is unavailable from the vendor. As a primary mitigation, implement output encoding in /edit_admin.php by applying htmlspecialchars() or equivalent HTML entity encoding to all user-supplied parameters (firstname and others) before rendering in HTML context. For PHP applications, use context-aware encoding: htmlspecialchars($firstname, ENT_QUOTES, 'UTF-8') for HTML context. Additionally, implement Content Security Policy (CSP) headers with 'script-src' set to 'self' only to prevent inline script execution as a defense-in-depth measure. Input validation via whitelist of allowed characters for firstname fields (alphanumeric + spaces) provides secondary protection. Contact projectworlds for patched version availability or consider upgrading to a newer release if available. Monitor /edit_admin.php access logs for suspicious POST requests with script-like payloads in firstname parameters.
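The following is an added example, not code from projectworlds' Advanced Library Management System, showing the remediation steps above applied to the firstname parameter in PHP: allow-list validation before storage, context-aware output encoding, and a CSP header. The function names, the form markup, and the `$pdo`, `$row`, table and column names are assumptions.

```php
<?php
// Added example (not the project's own code): hardened handling of the
// firstname parameter along the lines of the remediation above.
declare(strict_types=1);

// Defense-in-depth: block inline script execution even if an encoding step
// is missed somewhere else in the page.
header("Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'none'");

// Context-aware HTML encoding. ENT_QUOTES covers both the element-body and
// the quoted-attribute contexts used below; ENT_SUBSTITUTE avoids returning
// an empty string when the input is not valid UTF-8.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Allow-list validation for a first name (letters, digits and spaces, as in
// the remediation text), with a bounded length. Returns null on rejection;
// the caller must not store a rejected value.
function validate_firstname(string $raw): ?string
{
    $name = trim($raw);
    if ($name === '' || mb_strlen($name, 'UTF-8') > 50) {
        return null;
    }
    // \p{L} and \p{N} keep non-ASCII letters and digits; no punctuation or markup.
    return preg_match('/^[\p{L}\p{N} ]+$/u', $name) === 1 ? $name : null;
}

// Storage path: validate, then persist with a prepared statement.
// $pdo (a PDO connection), the 'admin' table and the session key are assumptions.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $firstname = validate_firstname((string)($_POST['firstname'] ?? ''));
    if ($firstname === null) {
        http_response_code(400);
        exit('Invalid first name.');
    }
    $stmt = $pdo->prepare('UPDATE admin SET firstname = ? WHERE id = ?');
    $stmt->execute([$firstname, (int)$_SESSION['admin_id']]);
}

// Rendering path: encode on output regardless of what is stored, because
// rows written before the fix may already hold unvalidated data.
$stored = $row['firstname'] ?? ''; // $row is assumed to be fetched from the admin table
?>
<label>First name:
  <input type="text" name="firstname" value="<?= e($stored) ?>">
</label>
<p>Welcome, <?= e($stored) ?></p>
```

Encoding at output is the control that closes the stored XSS; the validation and CSP reduce exposure if another render site is missed.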