A vulnerability was identified in itsourcecode E-Commerce Website 1.0. This impacts an unknown function of the file /admin/products.php. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit is publicly available and might be used.
Advisories
Source ID Title
EUVD EUVD EUVD-2025-29815 A vulnerability was identified in itsourcecode E-Commerce Website 1.0. This impacts an unknown function of the file /admin/products.php. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit is publicly available and might be used.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Mon, 22 Sep 2025 16:45:00 +0000

Type Values Removed Values Added
First Time appeared Angeljudesuarez
Angeljudesuarez e-commerce Website
CPEs cpe:2.3:a:angeljudesuarez:e-commerce_website:1.0:*:*:*:*:*:*:*
Vendors & Products Angeljudesuarez
Angeljudesuarez e-commerce Website

Thu, 18 Sep 2025 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 18 Sep 2025 12:00:00 +0000

Type Values Removed Values Added
First Time appeared Itsourcecode
Itsourcecode e-commerce Website
Vendors & Products Itsourcecode
Itsourcecode e-commerce Website

Wed, 17 Sep 2025 20:15:00 +0000

Type Values Removed Values Added
Description A vulnerability was identified in itsourcecode E-Commerce Website 1.0. This impacts an unknown function of the file /admin/products.php. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit is publicly available and might be used.
Title itsourcecode E-Commerce Website products.php unrestricted upload
Weaknesses CWE-284
CWE-434
References
Metrics cvssV2_0

{'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2025-09-18T15:40:41.046Z

Reserved: 2025-09-17T11:15:53.564Z

Link: CVE-2025-10615

cve-icon Vulnrichment

Updated: 2025-09-18T15:40:33.388Z

cve-icon NVD

Status : Analyzed

Published: 2025-09-17T20:15:35.850

Modified: 2025-09-20T02:41:09.607

Link: CVE-2025-10615

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-09-18T11:58:47Z