CVE-2025-6667 – “Code-Projects Car Rental System Unrestricted File Upload Vulnerability”

June 25, 2025

CVE ID : CVE-2025-6667

Published : June 25, 2025, 10:15 p.m. | 4 hours, 6 minutes ago

Description : A vulnerability was found in code-projects Car Rental System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/add_cars.php. The manipulation of the argument image leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6668 – Code-projects Inventory Management System SQL Injection Vulnerability

Next Article CVE-2025-6662 – PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure

tRPC vs GraphQL vs REST: Choosing the right API design for modern web applications

Jakarta EE 11 Platform launches with modernized Test Compatibility Kit framework

Can Good UX Protect Older Users From Digital Scams?

Warp 2.0 evolves terminal experience into an Agentic Development Environment

Microsoft Copilot secures a spot in classrooms as a “thought partner” — with Copilot Chat backed by OpenAI’s GPT-4o

OpenAI started as a “countervailing force” to Google — did Elon Musk and Sam Altman torpedo DeepMind’s plans to dictate AGI?

Gears of War: Reloaded preorders — where to buy and everything you need to know

OpenAI’s Sam Altman breaks silence on Microsoft feud with Satya Nadella — citing “points of tension” amid evolution plans

Are Semantic Layers Sexy Again? or The Rise and Fall and Rise of Semantic Layers

Are Semantic Layers Sexy Again? or The Rise and Fall and Rise of Semantic Layers

Salesforce Marketing Cloud Engagement vs. Oracle Eloqua

Exploring Lucidworks Fusion and Coveo Using Apache Solr

Microsoft Copilot secures a spot in classrooms as a “thought partner” — with Copilot Chat backed by OpenAI’s GPT-4o

Microsoft Copilot secures a spot in classrooms as a “thought partner” — with Copilot Chat backed by OpenAI’s GPT-4o

OpenAI started as a “countervailing force” to Google — did Elon Musk and Sam Altman torpedo DeepMind’s plans to dictate AGI?

Gears of War: Reloaded preorders — where to buy and everything you need to know

CVE-2025-6667 – “Code-Projects Car Rental System Unrestricted File Upload Vulnerability”

CISA Warns of Active Exploitation of Linux Kernel Privilege Escalation Vulnerability

Veeam Patches CVE-2025-23121: Critical RCE Bug Rated 9.9 CVSS in Backup & Replication

YouTube app for Xbox, PlayStation, and Smart TVs gets a refreshing update that fixes a frustrating flaw

ESET takes part in global operation to disrupt Lumma Stealer

CVE-2025-5250 – PHPGurukul News Portal Project SQL Injection Vulnerability

PowerToys 0.91 update brings major improvements to Command Palette & more

CVE-2025-4844 – FreeFloat FTP Server CD Command Handler Buffer Overflow Vulnerability

CVE-2025-27525 – Hitachi JP1/IT Desktop Management 2 – Smart Device Manager Windows Information Exposure Vulnerability

NVIDIA AI Released AgentIQ: An Open-Source Library for Efficiently Connecting and Optimizing Teams of AI Agents

FermiNet: Quantum physics and chemistry from first principles

CVE-2025-6667 – “Code-Projects Car Rental System Unrestricted File Upload Vulnerability”

Related Posts