File Upload Vulnerability in SourceCodester Company Website CMS
CVE-2025-29709
9.8CRITICAL
What is CVE-2025-29709?
The SourceCodester Company Website CMS 1.0 has a significant file upload vulnerability that allows unauthorized users to upload files through the 'Create portfolio' feature located at /dashboard/portfolio. This inadequately secured endpoint poses a risk of malicious file uploads, potentially leading to further exploitation of the server and unauthorized access to sensitive data. Website owners utilizing this CMS version should immediately assess their systems for this vulnerability and apply necessary security measures.