VirtueMart Unrestricted File Upload Vulnerability in Product Image Section

Vulnerability

A vulnerability allowing unrestricted file uploads has been identified in the Product Image section of the VirtueMart backend. This issue allows authenticated attackers to upload files with arbitrary extensions, including executable or malicious files. Such uploads could lead to remote code execution or other security issues, depending on the server's configuration.

Impact

Exploitation of this vulnerability could result in remote code execution on the server.

Added: Jun 11, 2025, 5:17 PM

Updated: Jun 11, 2025, 5:17 PM

Vulnerability Rating

Custom Algorithm

spread

3.4

impact

7.5

exploitability

5.4

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

3.4

impact

7.5

exploitability

5.4

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

VirtueMart Unrestricted File Upload Vulnerability in Product Image Section

Vulnerability

Impact

Affected Products

VirtueMart

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating