A vulnerability was found in code-projects Simple Photo Gallery 1.0. It has been classified as critical. Affected is an unknown function of the file /upload-photo.php. The manipulation of the argument file_img leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
References
Link | Resource |
---|---|
https://code-projects.org/ | Product |
https://github.com/ez-lbz/poc/issues/13 | Exploit Issue Tracking Third Party Advisory |
https://vuldb.com/?ctiid.314286 | Permissions Required VDB Entry |
https://vuldb.com/?id.314286 | Third Party Advisory VDB Entry |
https://vuldb.com/?submit.603263 | Third Party Advisory VDB Entry |
https://github.com/ez-lbz/poc/issues/13 | Exploit Issue Tracking Third Party Advisory |
Configurations
History
10 Jul 2025, 00:52
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:fabian:simple_photo_gallery:1.0:*:*:*:*:*:*:* | |
First Time |
Fabian
Fabian simple Photo Gallery |
|
References | () https://code-projects.org/ - Product | |
References | () https://github.com/ez-lbz/poc/issues/13 - Exploit, Issue Tracking, Third Party Advisory | |
References | () https://vuldb.com/?ctiid.314286 - Permissions Required, VDB Entry | |
References | () https://vuldb.com/?id.314286 - Third Party Advisory, VDB Entry | |
References | () https://vuldb.com/?submit.603263 - Third Party Advisory, VDB Entry |
30 Jun 2025, 16:15
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
References | () https://github.com/ez-lbz/poc/issues/13 - |
29 Jun 2025, 04:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-06-29 04:15
Updated : 2025-07-10 00:52
NVD link : CVE-2025-6843
Mitre link : CVE-2025-6843
CVE.ORG link : CVE-2025-6843
JSON object : View
Products Affected
fabian
- simple_photo_gallery