Skip to main content

Real Estate Property Listing App

1 CVEs product

Monthly

CVE-2025-14530 LOW POC Monitor

Unrestricted file upload in SourceCodester Real Estate Property Listing App 1.0 allows high-privileged authenticated users to upload arbitrary files via the image parameter in /admin/property.php, potentially leading to remote code execution. The vulnerability affects only administrators or high-privilege accounts due to PR:H requirements, but public exploit code exists and EPSS scoring indicates low real-world exploitation probability (0.07th percentile).

PHP Authentication Bypass File Upload Real Estate Property Listing App
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.1%
EPSS 0% CVSS 2.0
LOW POC Monitor

Unrestricted file upload in SourceCodester Real Estate Property Listing App 1.0 allows high-privileged authenticated users to upload arbitrary files via the image parameter in /admin/property.php, potentially leading to remote code execution. The vulnerability affects only administrators or high-privilege accounts due to PR:H requirements, but public exploit code exists and EPSS scoring indicates low real-world exploitation probability (0.07th percentile).

PHP Authentication Bypass File Upload +1
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy