CVE-2025-45997

High CVSS: 8.6

Sourcecodester Web-based Pharmacy Product Management System v.1.0 has a file upload vulnerability. An attacker can upload a PHP file disguised as an image by modifying the Content-Type header to image/jpg.

Vendor

Senior-walter

Product

Web-based Pharmacy Product Management System

CWE

CWE-434

Yayın Tarihi

2025-05-28 14:15:33

Güncelleme

2025-06-09 18:53:36

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-434 Web-based Pharmacy Product Management System HIGH Senior-walter 2025

Referanslar

https://github.com/litsasuk/CVE-POC/blob/main/CVE-2025-45997.md https://www.sourcecodester.com/php/17883/web-based-product-alert-system.html

Benzer Kayıtlar

High

CVE-2026-30573

A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0. The vulnerability is loc…

High

CVE-2026-30576

A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file…

High

CVE-2026-30574

A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-sales.php file…

High

CVE-2026-30575

A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file…

Medium

CVE-2026-3766

A security flaw has been discovered in SourceCodester Web-based Pharmacy Product Management System 1.0. This impacts an…

Low

CVE-2026-3401

A weakness has been identified in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unkno…