CVE-2025-3842

Name of the Vulnerable Software and Affected Versions panhainan DS-Java version 1.0

Description A critical issue affects the function uploadUserPic.action of the file src/com/phn/action/FileUpload.java. The manipulation of the argument fileUpload leads to code injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Recommendations For panhainan DS-Java version 1.0, consider disabling the uploadUserPic.action function until a patch is available. Restrict access to the FileUpload.java file to minimize the risk of exploitation. Avoid using the fileUpload argument in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.