A security vulnerability has been detected in code-projects Mobile Shop Management System 1.0. This affects an unknown function of the file AddNewProduct.php. The manipulation of the argument ProductImage leads to unrestricted upload. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used.
References
| Link | Resource |
|---|---|
| https://code-projects.org/ | Product |
| https://github.com/chen2496088236/CVE/issues/2 | Exploit Issue Tracking |
| https://vuldb.com/?ctiid.322188 | Permissions Required VDB Entry |
| https://vuldb.com/?id.322188 | Third Party Advisory VDB Entry |
| https://vuldb.com/?submit.641779 | Third Party Advisory VDB Entry |
Configurations
History
08 Sep 2025, 13:56
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:fabianros:mobile_shop_management_system:1.0:*:*:*:*:*:*:* | |
| References | () https://code-projects.org/ - Product | |
| References | () https://github.com/chen2496088236/CVE/issues/2 - Exploit, Issue Tracking | |
| References | () https://vuldb.com/?ctiid.322188 - Permissions Required, VDB Entry | |
| References | () https://vuldb.com/?id.322188 - Third Party Advisory, VDB Entry | |
| References | () https://vuldb.com/?submit.641779 - Third Party Advisory, VDB Entry | |
| First Time |
Fabianros
Fabianros mobile Shop Management System |
03 Sep 2025, 00:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-09-03 00:15
Updated : 2025-09-08 13:56
NVD link : CVE-2025-9841
Mitre link : CVE-2025-9841
CVE.ORG link : CVE-2025-9841
JSON object : View
Products Affected
fabianros
- mobile_shop_management_system