CVE-2025-4029 — MEDIUM (5.3)

Vulnerability Description

A vulnerability was found in code-projects Personal Diary Management System 1.0 and classified as critical. Affected by this issue is the function addrecord of the component New Record Handler. The manipulation of the argument filename leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

LOW

Availability

LOW

Affected Products

Vendor	Product	Versions
Fabian	Personal Diary Management System	1.0

Related Weaknesses (CWE)

CWE-121 CWE-119 CWE-787

References

https://code-projects.org/Product
https://github.com/zzzxc643/cve/blob/main/Diary%20Management%20System%20Stack%20Exploit
https://vuldb.com/?ctiid.306392Permissions RequiredVDB Entry
https://vuldb.com/?id.306392Third Party AdvisoryVDB Entry
https://vuldb.com/?submit.559198Third Party AdvisoryVDB Entry

FAQ

What is CVE-2025-4029?

CVE-2025-4029 is a vulnerability with a CVSS score of 5.3 (MEDIUM). A vulnerability was found in code-projects Personal Diary Management System 1.0 and classified as critical. Affected by this issue is the function addrecord of the component New Record Handler. The ma...

How severe is CVE-2025-4029?

CVE-2025-4029 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-4029?

Check the references section above for vendor advisories and patch information. Affected products include: Fabian Personal Diary Management System.