CVE-2025-25791 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

An arbitrary file upload vulnerability in the plugin installation feature of YZNCMS v2.0.1 allows attackers to execute arbitrary code via uploading a crafted Zi…
Medium CVSS: 4.4

CVE-2025-25791

An arbitrary file upload vulnerability in the plugin installation feature of YZNCMS v2.0.1 allows attackers to execute arbitrary code via uploading a crafted Zip file.
Vendor
Yzncms
Product
Yzncms
CWE
CWE-77
Yayın Tarihi
2025-02-26 15:15:27
Güncelleme
2025-04-07 18:52:59
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-77 Yzncms MEDIUM Yzncms 2025

Referanslar

http://yzncms.com https://gitee.com/ken678/YZNCMS https://github.com/Ka7arotto/YZNCMS/blob/main/yzncms-upload.md