CVE-2025-45997

Published May 28th, 2025

View on NVD ↗

CVSS v3

8.6

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

Sourcecodester Web-based Pharmacy Product Management System v.1.0 has a file upload vulnerability. An attacker can upload a PHP file disguised as an image by modifying the Content-Type header to image/jpg.

litsasuk/CVE-POC

GitHub