CVE-2025-15423 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A vulnerability has been found in EmpireSoft EmpireCMS up to 8.0. Impacted is the function CheckSaveTranFiletype of the file e/class/connect.php. Such manipulat…
Medium CVSS: 5.3

CVE-2025-15423

A vulnerability has been found in EmpireSoft EmpireCMS up to 8.0. Impacted is the function CheckSaveTranFiletype of the file e/class/connect.php. Such manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Vendor
Phome
Product
Empirecms
CWE
CWE-284
Yayın Tarihi
2026-01-02 03:15:51
Güncelleme
2026-01-07 21:57:24
Source Identifier
cna@vuldb.com
KEV Date Added
-

Kategoriler

CWE-284 Empirecms MEDIUM Phome 2026

Referanslar

https://note-hxlab.wetolink.com/share/28QXRLje7Uz1 https://note-hxlab.wetolink.com/share/28QXRLje7Uz1#-span--strong-proof-of-concept---strong---span- https://vuldb.com/?ctiid.339345 https://vuldb.com/?id.339345 https://vuldb.com/?submit.721346