CVE-2025-69992 — Out-of-bounds Read in News Portal

CWE-125 — Out-of-bounds Read3 documents3 sources

Severity

9.8CRITICALNVD

EPSS

0.1%

top 75.09%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Phpgurukul News Portal

Timeline

PublishedJan 13

Description

phpgurukul News Portal Project V4.1 has File Upload Vulnerability via upload.php, which enables the upload of files of any format to the server without identity authentication.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

▶NVDphpgurukul/news_portal4.1

🔴Vulnerability Details

CVEList

CVE-2025-69992: phpgurukul News Portal Project V4↗2026-01-13

▶

GHSA

GHSA-7vx5-3h3f-34xj: phpgurukul News Portal Project V4↗2026-01-13

▶