Lucene search
K
Oretnom23Simple Company Website

7 matches found

CVE
CVE
added 2025/06/29 6:32 p.m.25 views

CVE-2025-6867

CVE-2025-6867 affects SourceCodester Simple Company Website 1.0. The issue is a SQL injection in the file /admin/services/manage.php caused by manipulating the argument ID, reported as remotely exploitable with the exploit publicly disclosed. Multiple connected sources corroborate the vulnerabili...

7.2CVSS5.3AI score0.00333EPSS
Web
CVE
CVE
added 2025/06/29 9:2 p.m.25 views

CVE-2025-6872

CVE-2025-6872 concerns SourceCodester Simple Company Website 1.0. The vulnerability targets the file /classes/SystemSettings.php?f=update_settings, where manipulating the img parameter enables unrestricted file upload. This can be triggered remotely, and multiple sources indicate exploitation is ...

7.2CVSS5AI score0.00439EPSS
Web
CVE
CVE
added 2025/06/29 9:32 p.m.25 views

CVE-2025-6873

The CVE-2025-6873 entry concerns SourceCodester Simple Company Website 1.0. A vulnerability in the processing of the file /classes/Users.php?f=save allows unrestricted upload by manipulating the img parameter. The issue can be triggered remotely, and public disclosure of the exploit is noted. Con...

7.2CVSS4.9AI score0.00439EPSS
Web
CVE
CVE
added 2025/06/29 7:2 p.m.23 views

CVE-2025-6868

CVE-2025-6868 affects SourceCodester Simple Company Website 1.0, with a SQL injection in /admin/clients/manage.php via the ID parameter. A remote attacker can exploit this; some sources note PoC/exploitation details. Remediation is not standardized in the provided materials; PT-Security suggests ...

7.2CVSS5.3AI score0.00354EPSS
Web
CVE
CVE
added 2025/06/29 8:2 p.m.23 views

CVE-2025-6870

CVE-2025-6870 affects SourceCodester Simple Company Website 1.0. Affected component: the file /classes/Content.php?f=service, where manipulation of the parameter img enables unrestricted upload. Root cause stated as improper handling of the img argument allowing remote exploitation; exploitation ...

5.8CVSS7.1AI score0.00363EPSS
Web
CVE
CVE
added 2025/06/29 7:32 p.m.19 views

CVE-2025-6869

CVE-2025-6869 affects SourceCodester Simple Company Website 1.0. The file /admin/testimonials/manage.php is vulnerable via manipulation of the ID argument, leading to SQL injection. The vulnerability can be exploited remotely and has been publicly disclosed. Multiple sources corroborate the issue...

7.2CVSS5.3AI score0.00378EPSS
Web
CVE
CVE
added 2025/06/29 8:32 p.m.19 views

CVE-2025-6871

SourceCodester Simple Company Website 1.0 is affected by a SQL injection in /classes/Login.php via the Username parameter. The vulnerability is exploitable remotely, with public exploit accessibility and CVSS metrics indicating high impact to confidentiality, integrity, and availability. Connecte...

9.8CVSS7.5AI score0.00454EPSS
Web