| Title | SourceCodester Pet grooming management software 1.0 Unrestricted Upload |
|---|
| Description | The SourceCodester Pet Grooming Management Software contains an unrestricted file upload vulnerability in the user profile picture upload functionality.
A low-privileged authenticated user can upload a malicious PHP file disguised as an image. The uploaded file is stored inside a web-accessible directory without sanitization or execution restrictions, allowing direct access and remote command execution. This results in full compromise of the application and underlying server. |
|---|
| Source | ⚠️ https://github.com/Asim-QAZi/Unrestricted-File-Upload-Leading-to-RCE-in-Sourcecodester-Pet-Grooming-Management-Software- |
|---|
| User | moasim (UID 93970) |
|---|
| Submission | 01/19/2026 20:56 (5 months ago) |
|---|
| Moderation | 01/30/2026 11:57 (11 days later) |
|---|
| Status | Duplicate |
|---|
| VulDB entry | 323861 [SourceCodester Pet Grooming Management Software 1.0 user.php website_image unrestricted upload] |
|---|
| Points | 0 |
|---|