CVE-2025-25766

Medium CVSS: 4.8

An arbitrary file upload vulnerability in the component /file/savefile.do of MRCMS v3.1.2 allows attackers to execute arbitrary code via uploading a crafted .jsp file.

Vendor

Mrcms

Product

Mrcms

CWE

CWE-77

Yayın Tarihi

2025-02-21 18:16:12

Güncelleme

2025-03-28 18:46:37

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-77 Mrcms MEDIUM Mrcms 2025

Referanslar

https://flowus.cn/share/7097c747-ae3e-4cef-a198-285863698607

Benzer Kayıtlar

Medium

CVE-2026-29909

MRCMS V3.1.2 contains an unauthenticated directory enumeration vulnerability in the file management module. The /admin/f…

Medium

CVE-2025-50581

MRCMS v3.1.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /admin/group/save.do…

Medium

CVE-2025-4327

A vulnerability was found in MRCMS 3.1.2. It has been classified as problematic. Affected is an unknown function. The ma…

Medium

CVE-2025-4326

A vulnerability was found in MRCMS 3.1.2 and classified as problematic. This issue affects some unknown processing of th…

Medium

CVE-2025-4325

A vulnerability has been found in MRCMS 3.1.2 and classified as problematic. This vulnerability affects unknown code of…

Medium

CVE-2025-4324

A vulnerability, which was classified as problematic, was found in MRCMS 3.1.2. This affects an unknown part of the file…