CVE-2025-10763 | academico-sis academico up to d9a9e2636fbf7e5845ee086bcb03ca62faceb6ab Profile Picture /edit-photo unrestricted upload

A vulnerability identified as critical has been detected in academico-sis academico up to d9a9e2636fbf7e5845ee086bcb03ca62faceb6ab. Affected by this issue is some unknown functionality of the file /edit-photo of the component Profile Picture Handler. This manipulation causes unrestricted upload.

This vulnerability is tracked as CVE-2025-10763. The attack is possible to be carried out remotely. Moreover, an exploit is present.

This product adopts a rolling release strategy to maintain continuous delivery

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More