CVE-2025-2035 | s-a-zhd Ecommerce-Website-using-PHP 1.0 /customer_register.php name unrestricted upload

Inserito da Angelo Barbosa | Mar 6, 2025 | CVE

A vulnerability was found in s-a-zhd Ecommerce-Website-using-PHP 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /customer_register.php. The manipulation of the argument name leads to unrestricted upload.

This vulnerability is handled as CVE-2025-2035. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2025-2035 | s-a-zhd Ecommerce-Website-using-PHP 1.0 /customer_register.php name unrestricted upload

Post correlati

CVE-2024-20131 | MediaTek MT8798 Modem NR16/Modem NR17 out-of-bounds write (MSV-1873 / MOLY01395886)

CVE-2024-28866 | GoCD up to 24.0.x redirect_to cross site scripting

CVE-2025-1965 | projectworlds Online Hotel Booking 1.0 /admin/login.php emailusername sql injection

CVE-2024-7027 | Woocommerce Plugin up to 4.9.3 on WordPress Voucher Vendor improper authentication