7 matches found
CVE-2025-6867
CVE-2025-6867 affects SourceCodester Simple Company Website 1.0. The issue is a SQL injection in the file /admin/services/manage.php caused by manipulating the argument ID, reported as remotely exploitable with the exploit publicly disclosed. Multiple connected sources corroborate the vulnerabili...
CVE-2025-6872
CVE-2025-6872 concerns SourceCodester Simple Company Website 1.0. The vulnerability targets the file /classes/SystemSettings.php?f=update_settings, where manipulating the img parameter enables unrestricted file upload. This can be triggered remotely, and multiple sources indicate exploitation is ...
CVE-2025-6873
The CVE-2025-6873 entry concerns SourceCodester Simple Company Website 1.0. A vulnerability in the processing of the file /classes/Users.php?f=save allows unrestricted upload by manipulating the img parameter. The issue can be triggered remotely, and public disclosure of the exploit is noted. Con...
CVE-2025-6868
CVE-2025-6868 affects SourceCodester Simple Company Website 1.0, with a SQL injection in /admin/clients/manage.php via the ID parameter. A remote attacker can exploit this; some sources note PoC/exploitation details. Remediation is not standardized in the provided materials; PT-Security suggests ...
CVE-2025-6870
CVE-2025-6870 affects SourceCodester Simple Company Website 1.0. Affected component: the file /classes/Content.php?f=service, where manipulation of the parameter img enables unrestricted upload. Root cause stated as improper handling of the img argument allowing remote exploitation; exploitation ...
CVE-2025-6869
CVE-2025-6869 affects SourceCodester Simple Company Website 1.0. The file /admin/testimonials/manage.php is vulnerable via manipulation of the ID argument, leading to SQL injection. The vulnerability can be exploited remotely and has been publicly disclosed. Multiple sources corroborate the issue...
CVE-2025-6871
SourceCodester Simple Company Website 1.0 is affected by a SQL injection in /classes/Login.php via the Username parameter. The vulnerability is exploitable remotely, with public exploit accessibility and CVSS metrics indicating high impact to confidentiality, integrity, and availability. Connecte...