CVE-2025-10081

CVSS v3.1

7.2

High

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions SourceCodester Pet Management System version 1.0

Description A flaw has been found that allows for unrestricted file upload. This occurs through manipulation of the website image argument in an unknown function of the /admin/profile.php file. Remote exploitation is possible.

Recommendations As a temporary workaround, restrict access to the /admin/profile.php file to minimize the risk of exploitation.

Exploit

Fix

Improper Access Control

Unrestricted File Upload

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284CWE-434

Related Identifiers

CVE-2025-10081

Affected Products

Pet Management System

CVE-2025-10081

Weakness Enumeration

Related Identifiers

Affected Products

References · 12