Cross-Site Scripting Vulnerability in Code-Projects Traffic Offense Reporting System
CVE-2025-5757

5.1MEDIUM

Key Information:

Vendor: Code-projects
Status: Traffic Offense Reporting System
Vendor: CVE Published:; 6 June 2025

🔔 Create Code-projects Vulnerability Alert

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2025-5757?

A vulnerability exists in the Code-Projects Traffic Offense Reporting System version 1.0, specifically within the /save-reported.php file. This issue allows remote attackers to manipulate various arguments such as offence_id, vehicle_no, driver_license, name, address, gender, officer_reporting, and offence to execute cross-site scripting attacks. The nature of this weakness enables potential exploitation leading to unauthorized actions on behalf of users. This vulnerability has been publicly disclosed, raising concerns for users and administrators of the affected product.

Affected Version(s)

Traffic Offense Reporting System 1.0

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2025-5757 - Proof of Concept