How severe is CVE-2025-3244?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 8.8 out of 10.

What type of vulnerability is CVE-2025-3244?

This is classified as CWE-284, which is a common weakness in software security.

CVE-2025-3244

MEDIUM Year: 2025

CVSS v3 Score

8.8

High

CVSS v2 Score

6.5

Medium

Weakness Type

CWE-284

View all →

Vulnerability Description

A vulnerability was found in SourceCodester Web-based Pharmacy Product Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /add-admin.php of the component Create User Page. The manipulation of the argument Avatar leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

CVE-2013-4246

HIGH

CVSS:8.8(High)

libsvn_fs_fs/fs_fs.c in Apache Subversion 1.8.x before 1.8.2 might allow remote authenticated users with commit access to corrupt FSFS repositories and cause a denial of service or obtain sensitive in...

CWE-2842013

CVE-2014-4707

HIGH

CVSS:8.8(High)

Huawei Campus S7700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300; S9300 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300; S9700 with software V200R001C00S...

CWE-2842014

CVE-2014-5279

HIGH

CVSS:8.8(High)

The Docker daemon managed by boot2docker 1.2 and earlier improperly enables unauthenticated TCP connections by default, which makes it easier for remote attackers to gain privileges or execute arbitra...

CWE-2842014

CVE-2014-9489

HIGH

CVSS:8.8(High)

The gollum-grit_adapter Ruby gem dependency in gollum before 3.1.1 and the gollum-lib gem dependency in gollum-lib before 4.0.1 when the string "master" is in any of the wiki documents, allows remote ...

CWE-2842014