CVE-2025-29709: SourceCodester Company Website CMS 1.0 has a File upload vulnerability via the "Create portfolio" file /dashboard/portfolio.
Description
SourceCodester Company Website CMS 1.0 has a File upload vulnerability via the "Create portfolio" file /dashboard/portfolio.
Classification
CVE ID: CVE-2025-29709
Affected Products
Vendor: n/a
Product: n/a
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.04% (probability of being exploited)
EPSS Percentile: 12.61% (scored less or equal to compared to others)
EPSS Date: 2025-04-18 (when was this score calculated)
References
https://nvd.nist.gov/vuln/detail/CVE-2025-29709https://github.com/fupanc-w1n/fupanc/blob/main/php/Company%20Website%20CMS2.md
https://github.com/fupanc-w1n/fupanc/blob/main/php/CVE-2025-29709.md