PT-2025-36429 · Sourcecodester · Pet Management System

Drewbyte

Published

2025-09-08

Updated

2025-09-08

CVE-2025-10081

Report an issue

CVSS v2.0

5.8

Vector

AV:N/AC:L/Au:M/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions:

SourceCodester Pet Management System version 1.0

Description:

A flaw has been found that allows for unrestricted file upload. This occurs through manipulation of the `website image` argument in an unknown function of the `/admin/profile.php` file. Remote exploitation is possible.

Recommendations:

As a temporary workaround, restrict access to the `/admin/profile.php` file to minimize the risk of exploitation.

Exploit

Fix

Unrestricted File Upload

Improper Access Control

Weakness Enumeration

CWE-434CWE-284

Related Identifiers

CVE-2025-10081

Affected Products

Pet Management System

PT-2025-36429 · Sourcecodester · Pet Management System

Weakness Enumeration

Related Identifiers

Affected Products

References · 10