CVE-2025-5299 | SourceCodester Client Database Management System 1.0 user_order_customer_update.php uploaded_file_cancelled unrestricted upload

Inserito da Angelo Barbosa | Mag 28, 2025 | CVE

A vulnerability was found in SourceCodester Client Database Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /user_order_customer_update.php. The manipulation of the argument uploaded_file_cancelled leads to unrestricted upload.

This vulnerability was named CVE-2025-5299. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-5299 | SourceCodester Client Database Management System 1.0 user_order_customer_update.php uploaded_file_cancelled unrestricted upload

Post correlati

CVE-2024-57487 | Code-Projects Online Car Rental System 1.0 File Extension unrestricted upload

CVE-2025-33093 | IBM Sterling Partner Engagement Manager 6.1.0/6.2.0/6.2.2 Helm Chart password in configuration file

CVE-2024-27820 | Apple watchOS Web Contents memory corruption

CVE-2024-22956 | SWFTools 0.9.2 swftools/src/swfc.c removeFromTo use after free (Issue 208)