CVE-2025-3765

Medium CVSS: 5.3

A vulnerability, which was classified as critical, has been found in SourceCodester Web-based Pharmacy Product Management System 1.0. This issue affects some unknown processing of the file /edit-photo.php. The manipulation of the argument Avatar leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Vendor

Senior-walter

Product

Web-based Pharmacy Product Management System

CWE

CWE-284

Yayın Tarihi

2025-04-17 20:15:28

Güncelleme

2025-05-14 21:00:34

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-284 Web-based Pharmacy Product Management System MEDIUM Senior-walter 2025

Referanslar

https://github.com/yaklang/IRifyScanResult/blob/main/Web-based%20Pharmacy%20Product%20Management%20System/upload_in_edit-photo.md https://vuldb.com/?ctiid.305399 https://vuldb.com/?id.305399 https://vuldb.com/?submit.553722 https://www.sourcecodester.com/

Benzer Kayıtlar

High

CVE-2026-30573

A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0. The vulnerability is loc…

High

CVE-2026-30576

A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file…

High

CVE-2026-30574

A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-sales.php file…

High

CVE-2026-30575

A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file…

Medium

CVE-2026-3766

A security flaw has been discovered in SourceCodester Web-based Pharmacy Product Management System 1.0. This impacts an…

Low

CVE-2026-3401

A weakness has been identified in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unkno…