exploitDog

CVE-2025-7931

Опубликовано: 21 июл. 2025

Источник: nvd

CVSS3: 7.3

CVSS2: 7.5

EPSS Низкий

Описание

A vulnerability was found in code-projects Church Donation System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /members/admin_pic.php. The manipulation of the argument image leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Ссылки

https://code-projects.org/
Product
https://github.com/n0name-yang/myCVE/issues/16
Exploit
Issue Tracking
Third Party Advisory
https://vuldb.com/?ctiid.317060
Permissions Required
VDB Entry
https://vuldb.com/?id.317060
Third Party Advisory
VDB Entry
https://vuldb.com/?submit.618946
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:carmelo:church_donation_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 20%

0.00062

Низкий

7.3 High

CVSS3

7.5 High

CVSS2

Дефекты

CWE-284

Связанные уязвимости

GHSA-mjrp-66fv-6ccw

CVSS3: 7.3

github

около 2 месяцев назад

A vulnerability was found in code-projects Church Donation System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /members/admin_pic.php. The manipulation of the argument image leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

EPSS

Процентиль: 20%

0.00062

Низкий

7.3 High

CVSS3

7.5 High

CVSS2

Дефекты

CWE-284