CVE-2025-7547

EUVD-2025-21275 | HIGH 7.3 (CVSS 3.1)
Published 2025-07-13

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Confidentiality: Low
- Integrity: Low
- Availability: Low

Lifecycle Timeline

- Mar 16, 2026 09:18 (vuln.today): Analysis generated
- Mar 16, 2026 09:18 (euvd): EUVD ID assigned, EUVD-2025-21275
- Jul 16, 2025 14:36 (vuln.today): PoC detected, public exploit code
- Jul 13, 2025 23:15 (nvd): CVE published, HIGH 7.3

Description

A vulnerability, which was classified as critical, was found in Campcodes Online Movie Theater Seat Reservation System 1.0. This affects the function save_movie of the file /admin/admin_class.php. The manipulation of the argument cover leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Analysis

CVE-2025-7547 is an unrestricted file upload vulnerability, rated critical, in Campcodes Online Movie Theater Seat Reservation System version 1.0, affecting the save_movie function in /admin/admin_class.php. An unauthenticated remote attacker can manipulate the 'cover' parameter to upload arbitrary files, which in a PHP application can lead to remote code execution, data compromise, and service disruption. Exploit code has been publicly disclosed, so the vulnerability may be actively exploited in the wild.

Technical Context

The vulnerability exists in a PHP-based web application (Campcodes Online Movie Theater Seat Reservation System 1.0) in which the admin_class.php file handles movie data persistence. The save_movie function does not validate the file received in the 'cover' parameter, so files of any type can be uploaded without an extension, MIME type, or content check. The issue is classified under CWE-284 (Improper Access Control), but it more accurately matches CWE-434 (Unrestricted Upload of File with Dangerous Type). Because the application is PHP with direct file system write access, an uploaded PHP file placed under the web root is particularly dangerous. CPE identifier: cpe:2.3:a:campcodes:online_movie_theater_seat_reservation_system:1.0:*:*:*:*:*:*:*

Affected Products

- Vendor: Campcodes
- Product: Online Movie Theater Seat Reservation System
- Versions: 1.0
- CPE: cpe:2.3:a:campcodes:online_movie_theater_seat_reservation_system:1.0:*:*:*:*:*:*:*
- Affected components: /admin/admin_class.php (save_movie function)
- Status: Unpatched

Remediation

- Immediate Mitigation: Restrict access to /admin/admin_class.php to authenticated users only, using web server configuration (Apache/Nginx/.htaccess rules) or application-level authentication checks.
- Input Validation: Implement strict file upload validation in the save_movie function: (1) whitelist allowed file extensions (.jpg, .jpeg, .png, .gif only), (2) validate MIME types server-side using php_fileinfo, (3) check file content headers (magic bytes), (4) store uploads outside the web root or in a non-executable directory, (5) rename uploaded files with random identifiers.
- Patching: Contact Campcodes for a security update. If none is available, consider alternative solutions or fork and patch internally. Check the vendor website/GitHub for CVE-2025-7547 patch availability.
- Deployment Hardening: Disable PHP execution in upload directories via web server configuration (.htaccess: AddType text/plain .php, or an nginx location directive).
- Monitoring: Monitor /admin/admin_class.php for unusual POST requests, implement file integrity monitoring on upload directories, and log all file upload attempts with source IP and filename.
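The five Input Validation steps above, carried out in one PHP function, as an added example that is not Campcodes' code or a vendor patch; the function name validate_cover_upload, the $upload argument (one $_FILES entry) and the $storeDir argument (a directory outside the web root) are assumptions.

```php
<?php
// Added example, not Campcodes code: validates a 'cover' upload per the steps above.
// Assumed names: $upload is one $_FILES entry, $storeDir lies outside the web root.
function validate_cover_upload(array $upload, string $storeDir): array
{
    if (($upload['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK
        || !is_uploaded_file($upload['tmp_name'])) {
        return ['ok' => false, 'reason' => 'missing or invalid upload'];
    }
    // (1) Extension whitelist; the client-supplied extension is never trusted on its own.
    $allowed = ['jpg' => 'image/jpeg', 'jpeg' => 'image/jpeg',
                'png' => 'image/png', 'gif' => 'image/gif'];
    $ext = strtolower(pathinfo($upload['name'], PATHINFO_EXTENSION));
    if (!isset($allowed[$ext])) {
        return ['ok' => false, 'reason' => 'extension not allowed'];
    }
    // (2) Server-side MIME detection via php_fileinfo; it must agree with the extension.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($upload['tmp_name']);
    if ($mime !== $allowed[$ext]) {
        return ['ok' => false, 'reason' => "detected $mime does not match .$ext"];
    }
    // (3) Magic-bytes check independent of fileinfo's database.
    $magic = ['image/jpeg' => "\xFF\xD8\xFF", 'image/png' => "\x89PNG\r\n\x1A\n",
              'image/gif'  => "GIF8"];
    $head = file_get_contents($upload['tmp_name'], false, null, 0, 8);
    if ($head === false || strncmp($head, $magic[$mime], strlen($magic[$mime])) !== 0) {
        return ['ok' => false, 'reason' => 'magic bytes do not match'];
    }
    if (@getimagesize($upload['tmp_name']) === false) {  // must also decode as an image
        return ['ok' => false, 'reason' => 'not a decodable image'];
    }
    // (5) Server-chosen random name with a canonical extension; (4) stored outside the web root.
    $name = bin2hex(random_bytes(16)) . '.' . ($ext === 'jpeg' ? 'jpg' : $ext);
    $dest = rtrim($storeDir, '/') . '/' . $name;
    if (!move_uploaded_file($upload['tmp_name'], $dest)) {
        return ['ok' => false, 'reason' => 'could not store file'];
    }
    chmod($dest, 0640);  // readable by the application, never executable
    return ['ok' => true, 'name' => $name, 'path' => $dest];
}
```

Call it from save_movie only after the authentication check that the Immediate Mitigation step requires, and serve the stored image back through a read-only handler rather than directly from the upload directory.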

Priority Score

57 (scale: Low / Medium / High / Critical)
Contributing factors: KEV 0, EPSS +0.1, CVSS +36, POC +20


CVE-2025-7547 vulnerability details – vuln.today
