Unknown · Biggidroid Simple Php Cms · CVE-2025-15262
**Name of the Vulnerable Software and Affected Versions**
BiggiDroid Simple PHP CMS version 1.0
**Description**
A security flaw exists in BiggiDroid Simple PHP CMS version 1.0 related to the Site Logo Handler component. Manipulation of the `image` argument in the `/admin/edit.php` file allows for unrestricted file uploads. Remote exploitation is possible, and the exploit has been publicly released.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.