CNNVD-202506-3704 Information
CNNVD ID
CNNVD-202506-3704
Related CVE
- CNNVD Published: 2025-06-29
Description (Chinese)
SourceCodester Simple Company Website是SourceCodester公司的一个简单公司网站。 SourceCodester Simple Company Website 1.0版本存在代码问题漏洞,该漏洞源于文件/classes/SystemSettings.php?f=update_settings中参数img的错误操作,导致无限制上传。
Description (English)
SourceCodester Simple Company Website is a simple corporate website ofourceCodester. SourceCodester Simple Company Version 1.0 has a code problem loophole, which results from the error of the img parameter in file/classes/SystemSettings.php?f=update settings, resulting in unlimited uploading.
Hazard Level
High
Vulnerability Type
代码问题
Affected Vendor
SourceCodester
Published
2025-06-29
Last Modified
2026-02-24
References
https://github.com/ez-lbz/poc/issues/28 https://vuldb.com/?ctiid.314344 https://www.sourcecodester.com/ https://vuldb.com/?id.314344 https://vuldb.com/?submit.603643 https://access.redhat.com/security/cve/cve-2025-6872
Share on: