一、 漏洞 CVE-2025-6161 基础信息
漏洞信息
                                        神龙正在分析中.
提示
尽管我们采用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。
神龙会尽力确保数据准确,但也请结合实际情况进行甄别与判断。
神龙祝您一切顺利!
漏洞标题
SourceCodester Simple Food Ordering System editproduct.php unrestricted upload
来源:美国国家漏洞数据库 NVD
漏洞描述信息
A vulnerability, which was classified as critical, was found in SourceCodester Simple Food Ordering System 1.0. Affected is an unknown function of the file /editproduct.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
来源:美国国家漏洞数据库 NVD
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
来源:美国国家漏洞数据库 NVD
漏洞类别
危险类型文件的不加限制上传
来源:美国国家漏洞数据库 NVD
二、漏洞 CVE-2025-6161 的公开POC
# POC 描述 源链接 神龙链接
三、漏洞 CVE-2025-6161 的情报信息

  • 标题: Source Code & Projects Simple Food Ordering System Project V1.0 product.php Arbitrary File Upload · Issue #17 · kakalalaww/CVE -- 🔗来源链接

    标签: exploit issue-tracking

    Source Code & Projects Simple Food Ordering System Project V1.0 product.php Arbitrary File Upload · Issue #17 · kakalalaww/CVE

  • 标题: Free Source Code Projects and Tutorials - sourcecodester.com -- 🔗来源链接

    标签: product

    Free Source Code Projects and Tutorials - sourcecodester.com

  • 标题: Login required -- 🔗来源链接

    标签: signature permissions-required

    Login required

  • 标题: CVE-2025-6161 SourceCodester Simple Food Ordering System editproduct.php unrestricted upload (EUVD-2025-18477) -- 🔗来源链接

    标签: vdb-entry technical-description

    CVE-2025-6161 SourceCodester Simple Food Ordering System editproduct.php unrestricted upload (EUVD-2025-18477)

  • 标题: Submit #593237: Source Code & Projects Simple Food Ordering System V1.0 Unrestricted Upload -- 🔗来源链接

    标签: third-party-advisory

    Submit #593237: Source Code & Projects Simple Food Ordering System V1.0 Unrestricted Upload
  • https://nvd.nist.gov/vuln/detail/CVE-2025-6161