CVE-2025-14219
BaseFortify
Publication date: 2025-12-08
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| campcodes | retro_basketball_shoes_online_store | 1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Campcodes Retro Basketball Shoes Online Store 1.0, specifically in an unknown function within the file /admin/admin_running.php. It involves manipulation of the argument product_image, which can lead to unrestricted file upload. This means an attacker can remotely upload files without restriction, potentially allowing malicious files to be placed on the server.
How can this vulnerability impact me? :
The vulnerability can allow an attacker to remotely upload arbitrary files to the server, which may lead to unauthorized access, data modification, or disruption of service. This can compromise the integrity, confidentiality, and availability of the affected system.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection can be performed by monitoring for anomalous HTTP POST requests to /admin/admin_running.php that include file uploads, especially those containing PHP code or unusual file extensions like .php or .php3. You can also look for requests with suspicious Content-Type headers that do not match the actual file content. Commands to detect such activity include using web server logs to grep for POST requests to the vulnerable endpoint and scanning upload directories for unexpected PHP files. For example, on a Linux server: 1) grep 'POST /admin/admin_running.php' /var/log/apache2/access.log 2) find /var/www/html/uploads/ -type f -name '*.php' 3) grep -r --include='*.php' 'eval(base64_decode' /var/www/html/uploads/ Additionally, deploying Endpoint Detection and Response (EDR) tools to detect unauthorized PHP execution and monitoring for AntSword client activity can help detect exploitation attempts. [2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include: 1) Blocking PHP script uploads by configuring the web server to deny execution of .php files in the upload directory (e.g., using Apache <FilesMatch> directives or Nginx configuration to disable PHP execution in /uploads/). 2) Adding Web Application Firewall (WAF) rules to detect and block payloads associated with AntSword webshells, such as POST parameters containing eval(base64_decode) patterns. 3) Enhancing file upload validation by restricting allowed file extensions to safe image types (.jpg, .png), verifying file MIME types and content using functions like getimagesize() or fileinfo, and renaming uploaded files with UUIDs stored outside web-accessible directories. 4) Monitoring for suspicious requests and deploying EDR solutions to detect unauthorized PHP execution. If possible, consider replacing the affected product with a secure alternative. [2]