CVE-2025-1166

A vulnerability has been found in SourceCodester Food Menu Manager 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file endpoint/update.php. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
VulDBCNA
6.3 MEDIUM
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 15%
VendorProductVersion
remsfood_menu_manager
1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://gist.github.com/jmx0hxq/0ce2c97ca11b2423a203b5719438c9f8
https://vuldb.com/?ctiid.295069
https://vuldb.com/?id.295069
https://vuldb.com/?submit.494567
https://www.sourcecodester.com/