Cross Site Scripting Vulnerability in Traffic Offense Reporting System by Code-Projects
CVE-2025-5651

5.1MEDIUM

Key Information:

Vendor: Code-projects
Status: Traffic Offense Reporting System
Vendor: CVE Published:; 5 June 2025

🔔 Create Code-projects Vulnerability Alert

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2025-5651?

A cross site scripting vulnerability has been identified in the Traffic Offense Reporting System version 1.0, specifically affecting the processing of user input in the saveuser.php file. The manipulation of parameters including user_id, username, email, name, and position can lead to unauthorized script execution. This issue can be exploited remotely, raising significant security concerns. Users are encouraged to review their systems and apply necessary security measures to mitigate potential attacks.

Affected Version(s)

Traffic Offense Reporting System 1.0

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2025-5651 - Proof of Concept