CVE-2025-69990
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2026-01-13
Last updated on: 2026-01-16
Assigner: MITRE
Description
Description
phpgurukul News Portal Project V4.1 has an Arbitrary File Deletion Vulnerability in remove_file.php. The parameter file can cause any file to be deleted.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| phpgurukul | news_portal | 4.1 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-552 | The product makes files or directories accessible to unauthorized actors, even though they should not be. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability in phpgurukul News Portal Project V4.1 is an Arbitrary File Deletion issue located in the remove_file.php script. It allows an attacker to delete any file on the server by manipulating the 'file' parameter. [1]
How can this vulnerability impact me? :
This vulnerability can lead to unauthorized deletion of files on the server, potentially causing data loss, disruption of service, or deletion of critical system or application files, which may compromise the availability and integrity of the affected system. [1]
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70