CVE-2025-13185 | Bdtask/CodeCanyon News365 up to 7.0.3 /admin/dashboard/profile profile_image/banner_image unrestricted upload

A vulnerability classified as critical was found in Bdtask/CodeCanyon News365 up to 7.0.3. This affects an unknown function of the file /admin/dashboard/profile. The manipulation of the argument profile_image/banner_image results in unrestricted upload.

This vulnerability is reported as CVE-2025-13185. The attack can be launched remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More