CVE-2025-12301 | code-projects Simple Food Ordering System 1.0 /editproduct.php photo unrestricted upload

Inserito da Angelo Barbosa | Ott 26, 2025 | CVE

A vulnerability was found in code-projects Simple Food Ordering System 1.0. It has been declared as critical. Impacted is an unknown function of the file /editproduct.php. Such manipulation of the argument photo leads to unrestricted upload.

This vulnerability is uniquely identified as CVE-2025-12301. The attack can be launched remotely. Moreover, an exploit is present.

CVE-2025-12301 | code-projects Simple Food Ordering System 1.0 /editproduct.php photo unrestricted upload

Post correlati

CVE-2021-47288 | Linux Kernel up to 5.13.5 media string.h ngene_command_config_free_buf array index

CVE-2025-52922 | Innoshop up to 0.4.1 FileManager API Endpoint /api/file_manager/files base_folder path traversal

CVE-2024-23186 | Open-Xchange OX App Suite up to 8.21 Web Interface cross site scripting

CVE-2022-50239 | Linux Kernel up to 5.10.151/5.15.75/6.0.5 qcom_cpufreq_krait_name_version buffer overflow