CVE-2025-6870 – SourceCodester Simple Company Website Unrestricted File Upload Vulnerability

June 29, 2025

CVE ID : CVE-2025-6870

Published : June 29, 2025, 8:15 p.m. | 2 hours, 9 minutes ago

Description : A vulnerability was found in SourceCodester Simple Company Website 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /classes/Content.php?f=service. The manipulation of the argument img leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 4.7 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2015-20112 – Fortinet SSL/TLS CTR Stream Collision Vulnerability

Next Article CVE-2025-6869 – SourceCodester Simple Company Website SQL Injection Vulnerability

Highlights

CVE-2025-5847 – Tenda AC9 Stack-Based Buffer Overflow Vulnerability

June 8, 2025

CVE ID : CVE-2025-5847

Published : June 8, 2025, 2:15 p.m. | 6 hours, 29 minutes ago

Description : A vulnerability has been found in Tenda AC9 15.03.02.13 and classified as critical. Affected by this vulnerability is the function formSetSafeWanWebMan of the file /goform/SetRemoteWebCfg of the component HTTP POST Request Handler. The manipulation of the argument remoteIp leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Smashing Security podcast #426: Choo Choo Choose to ignore the vulnerability

July 17, 2025

CVE-2025-27828 – Mitel MiContact Center Business Reflected Cross-Site Scripting Vulnerability

June 24, 2025

The new Surface Pro 12-inch is now the price it should’ve always been — but only because of this limited anti-Prime Day deal

July 7, 2025

Sentry launches MCP monitoring tool

10 Benefits of Hiring a React.js Development Company (2025–2026 Edition)

From Line To Layout: How Past Experiences Shape Your Design Career

Hire React.js Developers in the US: How to Choose the Right Team for Your Needs

I’ve tested every Samsung Galaxy phone in 2025 – here’s the model I’d recommend on sale

Google Photos just put all its best editing tools a tap away – here’s the shortcut

Claude can teach you how to code now, and more – how to try it

One of the best work laptops I’ve tested has MacBook written all over it (but it’s even better)

Controlling Execution Flow with Laravel’s Sleep Helper

Controlling Execution Flow with Laravel’s Sleep Helper

Generate Secure Temporary Share Links for Files in Laravel

This Week in Laravel: Filament 4, Laravel Boost, and Junie Review

KDE Plasma 6 on Wayland: the Payoff for Years of Plumbing

KDE Plasma 6 on Wayland: the Payoff for Years of Plumbing

FOSS Weekly #25.33: Debian 13 Released, Torvalds vs RISC-V, Arch’s New Tool, GNOME Perfection and More Linux Stuff

Ultimate ChatGPT-5 Prompt Guide: 52 Ideas for Any Task

CVE-2025-6870 – SourceCodester Simple Company Website Unrestricted File Upload Vulnerability

CISA Adds Two N-able N-central Flaws to Known Exploited Vulnerabilities Catalog

From Banking Darling to $1B Fraud Magnet: Inside the Zelle Lawsuit 2025

Google komt met Android-updates voor aangevallen FreeType-lek

OpenAI tells ChatGPT users to take a break — Altman asks “What have we done?” just days before GPT-5 launch

CVE-2025-46552 – GitHub KHC-INVITATION-AUTOMATION Unauthenticated User Data Disclosure

Drone Usage Policy

CVE-2025-5847 – Tenda AC9 Stack-Based Buffer Overflow Vulnerability

Smashing Security podcast #426: Choo Choo Choose to ignore the vulnerability

CVE-2025-27828 – Mitel MiContact Center Business Reflected Cross-Site Scripting Vulnerability

The new Surface Pro 12-inch is now the price it should’ve always been — but only because of this limited anti-Prime Day deal

CVE-2025-6870 – SourceCodester Simple Company Website Unrestricted File Upload Vulnerability

Related Posts