CVE-2025-13949 | ProudMuBai GoFilm 1.0.0/1.0.1 FileController.go SingleUpload File unrestricted upload

A vulnerability marked as critical has been reported in ProudMuBai GoFilm 1.0.0/1.0.1. Impacted is the function SingleUpload of the file /server/controller/FileController.go. The manipulation of the argument File leads to unrestricted upload.

This vulnerability is listed as CVE-2025-13949. The attack may be initiated remotely. In addition, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More