CVE-2025-10763 | academico-sis academico up to d9a9e2636fbf7e5845ee086bcb03ca62faceb6ab Profile Picture /edit-photo unrestricted upload

A vulnerability identified as critical has been detected in academico-sis academico up to d9a9e2636fbf7e5845ee086bcb03ca62faceb6ab. Affected by this issue is some unknown functionality of the file /edit-photo of the component Profile Picture Handler. This manipulation causes unrestricted upload.

This vulnerability is tracked as CVE-2025-10763. The attack is possible to be carried out remotely. Moreover, an exploit is present.

This product adopts a rolling release strategy to maintain continuous delivery

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-10763 | academico-sis academico up to d9a9e2636fbf7e5845ee086bcb03ca62faceb6ab Profile Picture /edit-photo unrestricted upload

Post correlati

CVE-2023-50992 | Tenda i29 1.0.0.5 setPing ip stack-based overflow

CVE-2021-36593 | Oxwall 1.8.7 Image File unrestricted upload

CVE-2025-8875 | N-able N-central 2023.4/2023.6/2024.2/2024.3/2024.6 deserialization

CVE-2018-9447 | Google Android EmergencyCallbackModeExitDialog.java onCreate denial of service