Critical severity9.1NVD Advisory· Published Sep 3, 2025· Updated Apr 6, 2026
CVE-2025-57148
CVE-2025-57148
Description
phpgurukul Online Shopping Portal 2.0 is vulnerable to Arbitrary File Upload in /admin/insert-product.php, due to the lack of extension validation.
Affected products
1- cpe:2.3:a:phpgurukul:online_shopping_portal:2.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- doc.clickup.com/3897127/p/h/3pxt7-12496/7fdf159633a77d1nvdExploitThird Party Advisory
- github.com/hptcybersecurity/CVE/blob/main/CVE-2025-57148.mdnvd
News mentions
0No linked articles in our index yet.