mtgsjr/CVE-2025-66802

Releases0

Sourcecodester Covid-19 Contact Tracing System 1.0 is vulnerable to RCE

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-66802 ↗	Jan 12, 2026Monday, 12 January 2026, 20:15	9.8 CRITICAL	—
Sourcecodester Covid-19 Contact Tracing System 1.0 is vulnerable to RCE (Remote Code Execution). The application receives a reverse shell (php) into imagem of the user enabling RCE.