Unrestricted File Upload in itsourcecode Farm Management System
CVE-2025-0582

5.1MEDIUM

Key Information:

Vendor
Itsourcecode
Status
Farm Management System
Vendor
CVE Published:
20 January 2025

Summary

A security vulnerability exists in the itsourcecode Farm Management System that allows for unrestricted file uploads through the /add-pig.php file. Specifically, the vulnerability is triggered by manipulating the 'pigphoto' argument, enabling attackers to execute remote uploads of malicious files. This could potentially lead to further exploitation of the system, highlighting the need for proper input validation and security measures.

Affected Version(s)

Farm Management System 1.0

References

https://vuldb.com/?id.292600
vdb-entrytechnical-description
https://vuldb.com/?ctiid.292600
signaturepermissions-required
https://vuldb.com/?submit.484909
third-party-advisory

CVSS V4

Score:
5.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

weiwei-abc (VulDB User)
.