{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-12283","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2025-10-26T16:17:06.481Z","datePublished":"2025-10-27T14:02:05.718Z","dateUpdated":"2026-01-07T16:50:56.310Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2025-10-27T14:02:05.718Z"},"title":"code-projects Client Details System authorization","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-639","lang":"en","description":"Authorization Bypass"}]},{"descriptions":[{"type":"CWE","cweId":"CWE-285","lang":"en","description":"Improper Authorization"}]}],"affected":[{"vendor":"code-projects","product":"Client Details System","versions":[{"version":"1.0","status":"affected"}]}],"descriptions":[{"lang":"en","value":"A security flaw has been discovered in code-projects Client Details System 1.0. The impacted element is an unknown function. The manipulation results in authorization bypass. The attack can be launched remotely. The exploit has been released to the public and may be exploited."},{"lang":"de","value":"Es wurde eine Schwachstelle in code-projects Client Details System 1.0 entdeckt. Dabei geht es um eine nicht genauer bekannte Funktion. Dank Manipulation mit unbekannten Daten kann eine authorization bypass-Schwachstelle ausgenutzt werden. Der Angriff lässt sich über das Netzwerk starten. Der Exploit ist öffentlich verfügbar und könnte genutzt werden."}],"metrics":[{"cvssV4_0":{"version":"4.0","baseScore":5.3,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P","baseSeverity":"MEDIUM"}},{"cvssV3_1":{"version":"3.1","baseScore":4.3,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R","baseSeverity":"MEDIUM"}},{"cvssV3_0":{"version":"3.0","baseScore":4.3,"vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R","baseSeverity":"MEDIUM"}},{"cvssV2_0":{"version":"2.0","baseScore":4,"vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N/E:POC/RL:ND/RC:UR"}}],"timeline":[{"time":"2025-10-26T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2025-10-26T02:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2025-10-26T17:23:13.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"LiuJiYing (VulDB User)","type":"reporter"}],"references":[{"url":"https://vuldb.com/?id.329953","name":"VDB-329953 | code-projects Client Details System authorization","tags":["vdb-entry"]},{"url":"https://vuldb.com/?ctiid.329953","name":"VDB-329953 | CTI Indicators (IOB, IOC)","tags":["signature","permissions-required"]},{"url":"https://vuldb.com/?submit.674213","name":"Submit #674213 | code-projects Client Details System V1.0 Insecure Direct Object Reference","tags":["third-party-advisory"]},{"url":"https://github.com/hellonewbie/tutorial/issues/11","tags":["exploit","issue-tracking"]},{"url":"https://code-projects.org/","tags":["product"]}],"tags":["x_freeware"]},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-01-07T16:50:22.361315Z","id":"CVE-2025-12283","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-01-07T16:50:56.310Z"}}]}}