CVE-2025-1593

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Feb 23, 2025

Updated: Feb 28, 2025

CWE ID 434

CWE ID 284

Summary

CVE-2025-1593 is a critical vulnerability identified in the SourceCodester Best Employee Management System 1.0. The issue lies within the Profile Picture Handler component, specifically in the /_hr_soft/assets/uploadImage/Profile/ file. An attacker can exploit this flaw to perform unrestricted uploads, allowing them to manipulate the system remotely.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Best Employee Management System

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/3n6Qmb
https://www.cve.org/CVERecord?id=CVE-2025-1593
https://nvd.nist.gov/vuln/detail/CVE-2025-1593

Back to Vulnerability Database

CVE-2025-1593

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations