CVE-2025-3969 PoC — codeprojects News Publishing Site Dashboard Edit Category Page edit-category.php unrestricted upload

Source

https://github.com/Alif145/CVE-2025-3969-Exploit

Associated Vulnerability

Title:codeprojects News Publishing Site Dashboard Edit Category Page edit-category.php unrestricted upload (CVE-2025-3969)
Description:A vulnerability was found in codeprojects News Publishing Site Dashboard 1.0. It has been rated as critical. This issue affects some unknown processing of the file /edit-category.php of the component Edit Category Page. The manipulation of the argument category_image leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Readme

# CVE-2025-3969-Exploit

File Snapshot


 [4.0K]  /data/pocs/07d83f79f81985e1d2fb1fd7755d5a8c90b772bf
├── [225K]  2025-08-01_01-26.png
├── [4.0K]  bin
│   ├── [2.2K]  activate
│   ├── [ 937]  activate.csh
│   ├── [2.2K]  activate.fish
│   ├── [8.8K]  Activate.ps1
│   ├── [ 268]  normalizer
│   ├── [ 263]  pip
│   ├── [ 263]  pip3
│   └── [ 263]  pip3.13
├── [8.7K]  CVE-2025-3969.py
├── [ 12K]  import base64.py
├── [1.3K]  LICENSE
├── [ 185]  pyvenv.cfg
├── [  23]  README.md
├── [   8]  requirements.txt
└── [4.0K]  urllib3-2.5.0.dist-info
    ├── [   4]  INSTALLER
    ├── [4.0K]  licenses
    │   └── [1.1K]  LICENSE.txt
    ├── [6.3K]  METADATA
    ├── [5.4K]  RECORD
    └── [  87]  WHEEL

3 directories, 20 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!