| Title | SourceCodester Real Estate Property Listing App Using PHP and MySQL with Source Code 1 Unrestricted Upload |
|---|
| Description | A vulnerability has been discovered in the SourceCodester Real Estate Property Listing App Using PHP and MySQL with Source Code. The affected feature is the file upload functionality in the `/admin/property.php` file. Attackers can upload arbitrary files using the `image` parameter, potentially gaining a shell . |
|---|
| Source | ⚠️ https://github.com/zzdzz7/cve/issues/2 |
|---|
| User | zzdzz (UID 93061) |
|---|
| Submission | 11/28/2025 17:33 (7 months ago) |
|---|
| Moderation | 12/11/2025 10:14 (13 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 335871 [SourceCodester Real Estate Property Listing App 1.0 /admin/property.php image unrestricted upload] |
|---|
| Points | 19 |
|---|