CVE-2025-8174
BaseFortify
Publication date: 2025-07-26
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| fabian | voting_system | 1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-8174 is an unrestricted file upload vulnerability in the code-projects Voting System version 1.0, specifically in the /admin/candidates_add.php file. The vulnerability occurs because the application does not properly validate the type or filename of files uploaded through the 'photo' parameter. This allows a remote attacker to upload malicious files, such as PHP webshells, which can then be executed on the server, leading to remote code execution and full compromise of the server hosting the application. [1, 2, 3]
How can this vulnerability impact me? :
This vulnerability can have severe impacts including allowing an attacker to remotely upload and execute malicious scripts on the server. This leads to remote code execution, which compromises the confidentiality, integrity, and availability of the system. An attacker can gain full control over the server, potentially accessing sensitive data, modifying or deleting information, and disrupting service availability. [1, 2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for suspicious HTTP POST requests to the endpoint '/admin/candidates_add.php' that include file uploads via the 'photo' parameter. You can look for uploads of files with potentially dangerous extensions like '.php'. For example, using command-line tools like curl or tcpdump to capture and inspect traffic, or using web server logs to identify POST requests to this endpoint with unusual filenames. Additionally, attackers may use Google dorking with 'inurl:admin/candidates_add.php' to find vulnerable targets. Specific commands might include: 1) Using grep on web server logs to find POST requests to '/admin/candidates_add.php': `grep 'POST /admin/candidates_add.php' /var/log/apache2/access.log` 2) Using tcpdump to capture HTTP traffic and filter for uploads: `tcpdump -A -s 0 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' | grep 'photo'` 3) Using curl to test upload functionality with a benign file to see if uploads are accepted without validation. These methods help detect attempts to exploit the unrestricted file upload vulnerability. [2, 3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include: 1) Implement strict server-side file type validation using a whitelist approach. Use PHP functions like finfo_file() to verify the MIME type of uploaded files and only allow safe image formats such as image/jpeg, image/png, and image/gif. 2) Generate random and unpredictable filenames for uploaded files instead of using the original user-provided filenames to prevent attackers from knowing the file path and to avoid overwriting files. 3) Restrict the upload directory permissions to prevent execution of uploaded files, for example by disabling PHP execution in the upload directory via web server configuration. 4) If possible, replace or update the affected component with a secure alternative, as no known countermeasures currently exist for this vulnerable version. 5) Monitor and block suspicious upload attempts and consider temporarily disabling the upload functionality until a secure fix is applied. [2, 3]