← volver
CVE-2025-14530

SourceCodester Real Estate Property Listing App property.php unrestricted upload

CVSS 5.1 MEDIUMEPSS 0.4%CWE-284CWE-434
A vulnerability has been found in SourceCodester Real Estate Property Listing App 1.0. The impacted element is an unknown function of the file /admin/property.php. Such manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Productos afectados
SourceCodester · Real Estate Property Listing App

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/zzdzz7/cve/issues/2https://vuldb.com/?ctiid.335871https://vuldb.com/?id.335871https://vuldb.com/?submit.703238https://www.sourcecodester.com/