CVE-2025-1599
Published: 24 February 2025
Description
Adversaries may delete files left behind by the actions of their intrusion activity.
Security Summary
CVE-2025-1599 is a path traversal vulnerability in SourceCodester Best Church Management Software version 1.0. The issue affects an unknown functionality within the file /admin/app/profile_crud.php, where manipulation of the old_cat_img argument enables traversal sequences such as '../filedir'. Classified under CWE-22, CWE-23, and CWE-24, it has a CVSS v3.1 base score of 5.4 (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L), rated as problematic.
The vulnerability can be exploited remotely by authenticated users with low privileges (PR:L), requiring no user interaction and low attack complexity. Successful exploitation allows limited integrity and availability impacts, such as unauthorized file deletion, without compromising confidentiality.
Advisories from VulDB and a public GitHub repository detail the exploit, which has been disclosed and may be actively used. The vendor was contacted early but provided no response, and no patches or mitigations are mentioned in available references.
The exploit code is publicly available on GitHub, targeting file deletion in the application.
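The root cause described above is a file-delete operation that trusts the old_cat_img value as a path. The helper below is an added example written for this page, not code from SourceCodester Best Church Management Software or from the VulDB or GitHub advisories; it shows the shape of a fix: treat the value as a bare file name, resolve it under the upload directory, and refuse anything whose real path lands outside that directory. The function name deleteCategoryImage, the $uploadDir parameter and the allowed file-name pattern are assumptions; only the parameter name old_cat_img and the script path /admin/app/profile_crud.php come from the record.

```php
<?php
// Added example: a confined delete for a user-supplied image name.
// Not the application's own code; directory layout and naming are assumed.
declare(strict_types=1);

/**
 * Delete a previously uploaded category image, refusing any name that
 * escapes the configured upload directory.
 *
 * @param string $uploadDir  absolute path of the upload directory (assumed)
 * @param string $userValue  raw value received as old_cat_img
 * @return bool  true only if a regular file inside $uploadDir was deleted
 */
function deleteCategoryImage(string $uploadDir, string $userValue): bool
{
    // NUL bytes can truncate the path in lower-level calls; reject them first.
    if ($userValue === '' || strpos($userValue, "\0") !== false) {
        return false;
    }

    // Accept only a plain file name. basename() strips directory components,
    // so comparing its result with the original value rejects inputs such as
    // "../filedir" instead of silently rewriting them.
    if (basename($userValue) !== $userValue) {
        return false;
    }

    // Allow-list the characters and exclude the two special names, which
    // basename() leaves untouched.
    if ($userValue === '.' || $userValue === '..'
        || !preg_match('/^[A-Za-z0-9._-]+$/', $userValue)) {
        return false;
    }

    // Canonicalise the base directory once; a missing directory is an error.
    $base = realpath($uploadDir);
    if ($base === false) {
        return false;
    }
    $base = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;

    // Resolve the final target and confirm it is still under $base.
    // realpath() follows symlinks, so a link pointing elsewhere is rejected too.
    $target = realpath($base . $userValue);
    if ($target === false || strncmp($target, $base, strlen($base)) !== 0) {
        return false;
    }

    // Only delete regular files; never directories or device nodes.
    if (!is_file($target)) {
        return false;
    }

    return unlink($target);
}

// Constructed usage, as /admin/app/profile_crud.php might call it after a
// category update (the upload directory path is an assumption):
$ok = deleteCategoryImage(__DIR__ . '/../../uploads/categories',
                          (string)($_POST['old_cat_img'] ?? ''));
if (!$ok) {
    // Log the rejected value for detection; do not echo it back to the client.
    error_log('profile_crud: refused delete of old_cat_img=' .
              bin2hex((string)($_POST['old_cat_img'] ?? '')));
}
```

The two checks are deliberately redundant: the basename comparison rejects traversal at the syntax level, and the realpath prefix comparison catches anything the first check misses, including symlinks inside the upload directory. Logging refused values (hex-encoded so the log itself cannot be corrupted) gives the operations team a direct signal for the T1190 and T1070.004 behaviour this record maps to.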
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Path traversal vulnerability in public-facing web application (/admin/app/profile_crud.php) enables remote exploitation (T1190) and arbitrary file deletion (T1070.004) for indicator removal.