CVE-2025-6870

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Company Website version 1.0

Description: A critical issue affects some unknown functionality of the file /classes/Content.php?f=service. The manipulation of the img argument leads to unrestricted upload. The attack may be launched remotely.

Recommendations: For version 1.0, consider restricting access to the /classes/Content.php file to minimize the risk of exploitation. As a temporary workaround, avoid using the img argument in the affected file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.