CVE-2025-8256 | code-projects Online Ordering System 1.0 /admin/product.php image unrestricted upload

Inserito da Angelo Barbosa | Lug 26, 2025 | CVE

A vulnerability classified as critical has been found in code-projects Online Ordering System 1.0. Affected is an unknown function of the file /admin/product.php. The manipulation of the argument image leads to unrestricted upload.

This vulnerability is traded as CVE-2025-8256. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2025-8256 | code-projects Online Ordering System 1.0 /admin/product.php image unrestricted upload

Post correlati

CVE-2023-47576 | Relyum RELY-PCIe/RELY-REC Web Interface command injection

CVE-2024-20043 | MediaTek MT8798 Da out-of-bounds write (ALPS08541781)

CVE-2024-43438 | Moodle Feedback Non-Respondents Report resource injection

CVE-2024-42390 | Cesanta Mongoose Web Server up to 7.14 TLS Packet out-of-range pointer offset