CVE-2025-4310

Name of the Vulnerable Software and Affected Versions itsourcecode Content Management System version 1.0

Description A critical issue has been discovered, affecting a part of the /admin/add topic.php?category=BBS file. The manipulation of the Cover Image argument leads to unrestricted upload. This issue can be exploited remotely. The exploit has been publicly disclosed and may be used.

Recommendations For itsourcecode Content Management System version 1.0, consider restricting access to the /admin/add topic.php?category=BBS endpoint to minimize the risk of exploitation. As a temporary workaround, avoid using the Cover Image argument in the affected endpoint until the issue is resolved.