Critical severity9.1NVD Advisory· Published Sep 3, 2025· Updated Apr 6, 2026
CVE-2025-57148
CVE-2025-57148
Description
phpgurukul Online Shopping Portal 2.0 is vulnerable to Arbitrary File Upload in /admin/insert-product.php, due to the lack of extension validation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:phpgurukul:online_shopping_portal:2.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:phpgurukul:online_shopping_portal:2.0:*:*:*:*:*:*:*
- (no CPE)range: = 2.0
Patches
Vulnerability mechanics
References
2- doc.clickup.com/3897127/p/h/3pxt7-12496/7fdf159633a77d1nvdExploitThird Party Advisory
- github.com/hptcybersecurity/CVE/blob/main/CVE-2025-57148.mdnvd
News mentions
0No linked articles in our index yet.