CVE-2025-57148

Severity

9.1CRITICAL

EPSS

0.1%

top 83.04%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedSep 3

Description

phpgurukul Online Shopping Portal 2.0 is vulnerable to Arbitrary File Upload in /admin/insert-product.php, due to the lack of extension validation.

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:HExploitability: 2.3 | Impact: 6.0

GHSA

GHSA-r8mj-j9rp-jf4j: phpgurukul Online Shopping Portal 2↗2025-09-03

▶

CVEList

CVE-2025-57148: phpgurukul Online Shopping Portal 2↗2025-09-03

▶