CVE-2025-8504 – “Code-Projects Kitchen Treasure File Upload Vulnerability”

August 3, 2025

CVE ID : CVE-2025-8504

Published : Aug. 3, 2025, 8:15 a.m. | 15 hours, 22 minutes ago

Description : A vulnerability, which was classified as critical, was found in code-projects Kitchen Treasure 1.0. This affects an unknown part of the file /userregistration.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-8505 – wx-shop Cross-Site Request Forgery (CSRF) Vulnerability

Next Article CVE-2025-8503 – Code-projects Online Medicine Guide SQL Injection Vulnerability

15 Essential Skills to Look for When Hiring Node.js Developers for Enterprise Projects (2025-2026)

African training program creates developers with cloud-native skills

React.js for SaaS Platforms: How Top Development Teams Help Startups Launch Faster

Upwork Freelancers vs Dedicated React.js Teams: What’s Better for Your Project in 2025?

LastPass can now warn or block logins to shadow SaaS apps – here’s how

Get up to a year of Adobe Creative Cloud access for 40% off

Got 6 hours? This free AI training from Google and Goodwill can boost your resume today

Why I recommend this budget phone with a paper-like screen over ‘minimalist’ devices

Laravel Boost, your AI coding starter kit

Laravel Boost, your AI coding starter kit

Using GitHub Copilot in VS Code

Optimizely Mission Control – Part I

Top 20 kubectl Commands Every Kubernetes Beginner Must Know

Top 20 kubectl Commands Every Kubernetes Beginner Must Know

Microsoft’s record stock run collides with Nadella’s admission that 15,000 layoffs still ‘hurt’

Google Quietly Tests Opal, a “Vibe-Coding” App That Turns Text into Mini Web Apps

CVE-2025-8504 – “Code-Projects Kitchen Treasure File Upload Vulnerability”

PlayPraetor Android Trojan Infects 11,000+ Devices via Fake Google Play Pages and Meta Ads

The Wild West of Shadow IT

My laptop webcam wasn’t cutting it for video calls – then I discovered this accessory

CVE-2025-4075 – VMSMan Cross Site Scripting Vulnerability

This GNOME Extension Simplifies iPhone Screen Sharing on Linux

CISA Catalog Update-June 25, 2025

Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware

Microsoft Access introduces magnification slider for enhanced usability

CVE-2025-2070 – “FileZ XML Parsing Denial of Service”

Reddit turns 20: Its incredible journey from scrappy startup to ‘the heart of the internet’

CVE-2025-8504 – “Code-Projects Kitchen Treasure File Upload Vulnerability”

Related Posts