CVE-2025-12201

Name of the Vulnerable Software and Affected Versions ajayrandhawa User-Management-PHP-MYSQL versions prior to fedcf58797bf2791591606f7b61fdad99ad8bff1

Description A flaw exists within the User Management Interface component of the software, specifically concerning file uploads. Manipulation of the image argument in the /admin/edit-user.php file allows for unrestricted file uploads. This issue can be exploited remotely. The product utilizes a rolling release model, meaning specific affected and updated version details are unavailable.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.