{"id":7368,"date":"2025-06-29T16:36:41","date_gmt":"2025-06-29T16:36:41","guid":{"rendered":"http:\/\/localhost\/?p=7368"},"modified":"2025-06-29T16:36:41","modified_gmt":"2025-06-29T16:36:41","slug":"sourcecodester-simple-company-website-systemsettingsphp-unrestricted-upload","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=7368","title":{"rendered":"SourceCodester Simple Company Website SystemSettings.php unrestricted upload"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\nSourceCodester Simple Company Website SystemSettings.php unrestricted upload<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-06-29T21:02:05.893Z<\/td>\n<\/tr>\n
Last Seen<\/th>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\nSourceCodester<\/td>\n<\/tr>\n
Product<\/th>\nSimple Company Website<\/td>\n<\/tr>\n
Version<\/th>\n1.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n\n\n\n
Base Score<\/th>\n5.1 (MEDIUM)<\/td>\n<\/tr>\n
Attack Vector<\/th>\nCVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:H\/UI:N\/VC:L\/VI:L\/VA:L\/SC:N\/SI:N\/SA:N\/E:P<\/td>\n<\/tr>\n
Confidentiality Impact<\/th>\n<\/td>\n<\/tr>\n
Integrity Impact<\/th>\n<\/td>\n<\/tr>\n
Availability Impact<\/th>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nA critical vulnerability in SourceCodester’s Simple Company Website 1.0 allows remote attackers to upload arbitrary files due to improper validation in SystemSettings.php. This could lead to code execution and server compromise. The issue is considered critical due to its potential impact.<\/td>\n<\/tr>\n
AI Severity<\/th>\nHigh<\/td>\n<\/tr>\n
Vendor<\/th>\nSourceCodester<\/td>\n<\/tr>\n
Product<\/th>\nSimple Company Website<\/td>\n<\/tr>\n
Affected Version<\/th>\n1.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n