CVE-2025-69992

CRITICAL

9.8

Description

phpgurukul News Portal Project V4.1 has File Upload Vulnerability via upload.php, which enables the upload of files of any format to the server without identity authentication.

Details CVE

Score CVSS v3.19.8

SeveriteCRITICAL

Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vecteur d'attaqueNETWORK

ComplexiteLOW

Privileges requisNONE

Interaction utilisateurNONE

Publie1/13/2026

Derniere modification1/16/2026

Sourcenvd

Observations honeypot0

Produits affectes

phpgurukul:news_portal

Faiblesses (CWE)

CWE-125

References

https://github.com/Y4y17/CVE/blob/main/News%20Portal%20Project/File%20upload%20vulnerability.md(cve@mitre.org)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.