CVE-2025-5428

Medium CVSS: 5.3

A vulnerability classified as critical has been found in juzaweb CMS up to 3.4.2. This affects an unknown part of the file /admin-cp/log-viewer of the component Error Logs Page. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Vendor

Juzaweb

Product

Cms

CWE

CWE-266

Yayın Tarihi

2025-06-02 04:15:44

Güncelleme

2025-06-16 16:18:13

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-266 Cms MEDIUM Juzaweb 2025

Referanslar

https://github.com/Cyber-Wo0dy/report/blob/main/juzawebcms/3.4.2/juzawebcms_unprivileged_user_list_delete_logs.md https://vuldb.com/?ctiid.310761 https://vuldb.com/?id.310761 https://vuldb.com/?submit.584056 https://github.com/Cyber-Wo0dy/report/blob/main/juzawebcms/3.4.2/juzawebcms_unprivileged_user_list_delete_logs.md

Benzer Kayıtlar

Medium

CVE-2025-6736

A vulnerability classified as critical was found in juzaweb CMS 3.4.2. Affected by this vulnerability is an unknown func…

Medium

CVE-2025-6735

A vulnerability classified as critical has been found in juzaweb CMS 3.4.2. Affected is an unknown function of the file…

Medium

CVE-2025-5429

A vulnerability classified as critical was found in juzaweb CMS up to 3.4.2. This vulnerability affects unknown code of…

Medium

CVE-2025-5427

A vulnerability was found in juzaweb CMS up to 3.4.2. It has been rated as critical. Affected by this issue is some unkn…

Medium

CVE-2025-5424

A vulnerability was found in juzaweb CMS up to 3.4.2 and classified as critical. This issue affects some unknown process…

Medium

CVE-2025-5425

A vulnerability was found in juzaweb CMS up to 3.4.2. It has been classified as critical. Affected is an unknown functio…