CVE-2025-13199 MEDIUM

CVE-2025-13199: code-projects Email Logging Interface signup.cpp path traversal

Vendor Code-Projects
Product Email Logging Interface
Weakness CWE-24
Published November 15, 2025
Last update November 17, 2025

CVSS base score

4.8/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

What the vulnerability does

01Description

A vulnerability was found in code-projects Email Logging Interface 2.0. Affected is an unknown function of the file signup.cpp. The manipulation of the argument Username results in path traversal: '../filedir'. The attack is only possible with local access. The exploit has been made public and could be used.

Key dates

02Disclosure timeline

November 15, 2025 CVE published
November 17, 2025 Record updated