CVE-2025-51651

Medium CVSS: 5.5

An authenticated arbitrary file download vulnerability in the component /admin/Backups.php of Mccms v2.7.0 allows attackers to download arbitrary files via a crafted GET request.

Vendor

Chshcms

Product

Mccms

CWE

CWE-598

Yayın Tarihi

2025-07-14 17:15:33

Güncelleme

2025-07-17 13:27:40

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-598 Mccms MEDIUM Chshcms 2025

Referanslar

https://github.com/Y4y17/CVE/blob/main/Arbitrary%20file%20download%20vulnerability.md

Benzer Kayıtlar

Medium

CVE-2025-51818

MCCMS 2.7.0 is vulnerable to Arbitrary file deletion in the Backups.php component. This allows an attacker to execute ar…

Medium

CVE-2025-50234

MCCMS v2.7.0 has an SSRF vulnerability located in the index() method of the sys\apps\controllers\api\Gf.php file, where…

Medium

CVE-2025-5327

A vulnerability was found in chshcms mccms 2.7. It has been classified as critical. This affects the function index of t…

Medium

CVE-2025-5328

A vulnerability was found in chshcms mccms 2.7. It has been declared as critical. This vulnerability affects the functio…