CVE-2025-2952 Information

Description

A vulnerability classified as critical was found in Bluestar Micro Mall 1.0. Affected by this vulnerability is an unknown functionality of the file /api/api.php?mod=upload&type=1. The manipulation of the argument File leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Reference

https://vuldb.com/?ctiid.302005 https://vuldb.com/?id.302005 https://www.jianshu.com/p/22d3ae38e628?v=1742101731758 https://www.jianshu.com/p/22d3ae38e628?v=1742101731758