PT-2025-20581 · Sourcecodester · Sourcecodester Client Database Management System

Published: 2025-05-09 · Updated: 2025-12-27 · CVE-2025-46191

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: SourceCodester Client Database Management System version 1.0

Description: The application performs no file-extension check, no MIME-type validation, and no authentication when handling file uploads through the user payment update.php script. Specifically, unauthenticated users can upload arbitrary files via the uploaded file cancelled field. Successful exploitation allows an attacker to upload an executable PHP file to the web-accessible /files/ directory and then request it, achieving remote code execution and full control of the system.

Recommendations: SourceCodester Client Database Management System version 1.0: implement robust file validation that verifies file extensions and MIME types before accepting uploads; enforce authentication for all file upload operations; and restrict access to the /files/ directory so that uploaded files cannot be executed directly.
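The following is an added example, not code from the SourceCodester project, showing how an upload handler that follows the three recommendations above looks in PHP: it refuses unauthenticated requests, allow-lists extensions, checks the MIME type from the file's bytes rather than the client-supplied header, and stores the file under a server-generated name outside the web root. The form field name (payment_file), the session key (user_id), the storage directory and the allowed types are assumptions for the example.

```php
<?php
// Added example (not the application's own code). Assumed names: the form
// field 'payment_file', the session key 'user_id', and the storage directory.
declare(strict_types=1);

const UPLOAD_DIR = __DIR__ . '/../private_uploads';   // assumption: outside the web root
const MAX_BYTES  = 5 * 1024 * 1024;                    // 5 MiB cap for the example
// Allow-list of extension => MIME type expected from the file contents.
// A deny-list of ".php" variants is the wrong shape: it misses .phtml, .phar, etc.
const ALLOWED = [
    'pdf' => 'application/pdf',
    'png' => 'image/png',
    'jpg' => 'image/jpeg',
];

// Recommendation 2: every upload operation requires an authenticated session.
function requireAuthenticatedUser(): int
{
    session_start();
    if (empty($_SESSION['user_id'])) {
        http_response_code(401);
        exit('Authentication required');
    }
    return (int) $_SESSION['user_id'];
}

// Recommendation 1: validate one $_FILES entry; returns [safe name, destination path].
function validateUpload(array $file): array
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        throw new RuntimeException('Upload failed or no file sent');
    }
    if ($file['size'] > MAX_BYTES) {
        throw new RuntimeException('File too large');
    }
    // Extension check on the client-supplied name, lowercased so "Foo.PHP" is caught.
    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!isset(ALLOWED[$ext])) {
        throw new RuntimeException('File type not allowed');
    }
    // MIME check from the actual bytes; $file['type'] is client-controlled and ignored.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if ($mime !== ALLOWED[$ext]) {
        throw new RuntimeException('Content does not match extension');
    }
    // Server-generated name: the original filename never reaches the filesystem,
    // so path traversal and double-extension tricks have nothing to act on.
    $safeName = bin2hex(random_bytes(16)) . '.' . $ext;
    return [$safeName, UPLOAD_DIR . '/' . $safeName];
}

function handlePaymentUpload(): void
{
    $userId = requireAuthenticatedUser();
    if (!isset($_FILES['payment_file'])) {          // assumed field name
        http_response_code(400);
        exit('Missing file');
    }
    $file = $_FILES['payment_file'];
    try {
        [$name, $dest] = validateUpload($file);
    } catch (RuntimeException $e) {
        http_response_code(400);
        exit($e->getMessage());
    }
    if (!is_dir(UPLOAD_DIR) && !mkdir(UPLOAD_DIR, 0750, true)) {
        http_response_code(500);
        exit('Storage unavailable');
    }
    // Recommendation 3: the file lands outside the document root and without
    // the execute bit, so it can only ever be served, never run.
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        http_response_code(500);
        exit('Could not store file');
    }
    chmod($dest, 0640);
    // Persist ($userId, $name) in the database here; only the random name is stored.
    echo json_encode(['stored' => $name]);
}

handlePaymentUpload();
```

If the existing /files/ directory must stay where it is, the equivalent of the third recommendation is to disable script execution there at the web server (for example, with Apache mod_php, `php_admin_flag engine off` in a `<Directory>` block for that path, or an nginx `location` that denies requests for `.php` under it) and to serve downloads through a script that sets `Content-Disposition: attachment`, so a file that slips past validation is still never interpreted by PHP.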

Tags: RCE · Code Injection

Weakness Enumeration

Related Identifiers: CVE-2025-46191

Affected Products: Sourcecodester Client Database Management System