CVE-2025-4310 – iSourcecode Content Management System Unrestricted File Upload Vulnerability

May 6, 2025

CVE ID : CVE-2025-4310

Published : May 6, 2025, 4:16 a.m. | 3 hours, 31 minutes ago

Description : A vulnerability classified as critical has been found in itsourcecode Content Management System 1.0. This affects an unknown part of the file /admin/add_topic.php?category=BBS. The manipulation of the argument Cover Image leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 4.7 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4311 – iSourcecode Content Management System SQL Injection Vulnerability

Next Article CVE-2025-4309 – PHPGurukul Art Gallery Management System SQL Injection Vulnerability

This week in AI dev tools: Gemini 2.5 Pro and Flash GA, GitHub Copilot Spaces, and more (June 20, 2025)

Gemini 2.5 Pro and Flash are generally available and Gemini 2.5 Flash-Lite preview is announced

CSS Cascade Layers Vs. BEM Vs. Utility Classes: Specificity Control

IBM launches new integration to help unify AI security and governance

I used Lenovo’s latest dual-screen OLED laptop for a month and it wouldn’t be my first choice — here’s why

Here’s how I fixed a dead Steam Deck screen — with Valve proving they still have the best customer service in gaming

Borderlands 4 drops stunning new story trailer

DistroWatch Weekly, Issue 1127

Exploring Lakebase: Databricks’ Next-Gen AI-Native OLTP Database

Exploring Lakebase: Databricks’ Next-Gen AI-Native OLTP Database

Understanding JavaScript Promise

Lakeflow: Revolutionizing SCD2 Pipelines with Change Data Capture (CDC)

I used Lenovo’s latest dual-screen OLED laptop for a month and it wouldn’t be my first choice — here’s why

I used Lenovo’s latest dual-screen OLED laptop for a month and it wouldn’t be my first choice — here’s why

Here’s how I fixed a dead Steam Deck screen — with Valve proving they still have the best customer service in gaming

Borderlands 4 drops stunning new story trailer

CVE-2025-4310 – iSourcecode Content Management System Unrestricted File Upload Vulnerability

WordPress Motors theme flaw mass-exploited to hijack admin accounts

Weekly Cybersecurity News Recap – Top Vulnerabilities, Threat and Data Breaches

VideoDubber AI Celebrity Voice Generator

CVE-2025-3577 – Zyxel AMG1302-T10B Path Traversal Vulnerability

CVE-2025-41426 – Vertiv Stack Buffer Overflow Vulnerability

CVE-2025-48710 – Kro Kube Resource Orchestrator Remote Code Execution Vulnerability

CVE-2025-36049 – IBM webMethods Integration Server XML External Entity Injection (XXE) Vulnerability

CVE-2025-3116 – Apache HTTP Server SSL/TLS Denial of Service Vulnerability

May 2025 Detection Highlights: VMRay Threat Identifiers, Config Extractors for Lumma & VideoSpy, and Fresh YARA Rules.

CVE-2025-40575 – SCALANCE LPE9403 Remote Denial of Service (DoS) Vulnerability

CVE-2025-4310 – iSourcecode Content Management System Unrestricted File Upload Vulnerability

Related Posts