How severe is CVE-2025-4926?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 7.2 out of 10.

What type of vulnerability is CVE-2025-4926?

This is classified as CWE-284, which is a common weakness in software security.

CVE-2025-4926 - MEDIUM Severity | CVSS 7.2

Vulnerability Description

A vulnerability was found in PHPGurukul Car Rental Project 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/post-avehical.php. The manipulation of the argument img1/img2/img3/img4/img5 leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Related Vulnerabilities

CVE-2015-3653

HIGH

CVSS:7.2(High)

Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated administrators to write to arbitrary files within the underlying operating system and consequent...

CWE-2842015

CVE-2015-3654

HIGH

CVSS:7.2(High)

Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated administrators to gain root privileges via unspecified vectors, a different vulnerability than C...

CWE-2842015

CVE-2015-3657

HIGH

CVSS:7.2(High)

Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated lower-level administrators to gain "Super Admin" privileges via unspecified vectors.

CWE-2842015

CVE-2015-4649

HIGH

CVSS:7.2(High)

CWE-2842015

CVE-2016-10084

HIGH

CVSS:7.2(High)

admin/batch_manager.php in Piwigo through 2.8.3 allows remote authenticated administrators to conduct File Inclusion attacks via the $page['tab'] variable (aka the mode parameter).

CWE-2842016

CVE-2016-10085

HIGH

CVSS:7.2(High)

admin/languages.php in Piwigo through 2.8.3 allows remote authenticated administrators to conduct File Inclusion attacks via the tab parameter.

CWE-2842016