CVE-2025-6872 – SourceCodester Simple Company Website Unrestricted File Upload Vulnerability

June 29, 2025

CVE ID : CVE-2025-6872

Published : June 29, 2025, 9:15 p.m. | 1 hour, 9 minutes ago

Description : A vulnerability classified as critical was found in SourceCodester Simple Company Website 1.0. This vulnerability affects unknown code of the file /classes/SystemSettings.php?f=update_settings. The manipulation of the argument img leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 4.7 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleRename Audio Devices on Ubuntu with this ‘Simple’ App

Next Article CVE-2025-6871 – SourceCodester Simple Company Website SQL Injection

Highlights

CVE-2025-4817 – Sourcecodester Doctor’s Appointment System SQL Injection Vulnerability

May 17, 2025

CVE ID : CVE-2025-4817

Published : May 17, 2025, 4:16 a.m. | 28 minutes ago

Description : A vulnerability was found in Sourcecodester Doctor’s Appointment System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/delete-appointment.php of the component GET Parameter Handler. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

How AI further empowers value stream management

12 Top ReactJS Development Companies in 2025

Not sure where to go with AI? Here’s your roadmap.

This week in AI dev tools: A2A donated to Linux Foundation, OpenAI adds Deep Research to API, and more (June 27, 2025)

Microsoft’s Copilot+ has been here over a year and I still don’t care about it — but I do wish I had one of its features

SteelSeries’ latest wireless mouse is cheap and colorful — but is this the one to spend your money on?

DistroWatch Weekly, Issue 1128

Your Slack app is getting a big upgrade – here’s how to try the new AI features

How Code Feedback MCP Enhances AI-Generated Code Quality

How Code Feedback MCP Enhances AI-Generated Code Quality

PRSS Site Creator – Create Blogs and Websites from Your Desktop

Say hello to ECMAScript 2025

Microsoft’s Copilot+ has been here over a year and I still don’t care about it — but I do wish I had one of its features

Microsoft’s Copilot+ has been here over a year and I still don’t care about it — but I do wish I had one of its features

SteelSeries’ latest wireless mouse is cheap and colorful — but is this the one to spend your money on?

Microsoft confirms Windows 11 25H2, might make Windows more stable

CVE-2025-6872 – SourceCodester Simple Company Website Unrestricted File Upload Vulnerability

⚡ Weekly Recap: Chrome 0-Day, 7.3 Tbps DDoS, MFA Bypass Tricks, Banking Trojan and More

China-linked Salt Typhoon Exploits Critical Cisco Vulnerability to Target Canadian Telecom

Stopping malaria in its tracks

CVE-2025-47153 – “Nodejs libuv Out-of-Bounds Access Vulnerability”

AI in Finance: Smarter Fraud Detection, Risk Analysis & Algorithmic Trading💰

CVE-2025-53384 – Apache HTTP Server Information Disclosure

CVE-2025-4817 – Sourcecodester Doctor’s Appointment System SQL Injection Vulnerability

CVE-2025-6860 – SourceCodester Best Salon Management System SQL Injection Vulnerability

Citrix NetScaler ADC and Gateway Vulnerabilities Allow Attackers to Access Sensitive Data

CVE-2025-46350 – YesWiki Reflected Cross-Site Scripting Vulnerability

CVE-2025-6872 – SourceCodester Simple Company Website Unrestricted File Upload Vulnerability

Related Posts