CVE-2025-5429

Medium CVSS: 5.3

A vulnerability classified as critical was found in juzaweb CMS up to 3.4.2. This vulnerability affects unknown code of the file /admin-cp/plugin/install of the component Plugins Page. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Vendor

Juzaweb

Product

Cms

CWE

CWE-266

Yayın Tarihi

2025-06-02 05:16:08

Güncelleme

2025-06-18 15:14:39

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-266 Cms MEDIUM Juzaweb 2025

Referanslar

https://github.com/Cyber-Wo0dy/report/blob/main/juzawebcms/3.4.2/juzawebcms_unprivileged_user_list_install_plugins.md https://vuldb.com/?ctiid.310762 https://vuldb.com/?id.310762 https://vuldb.com/?submit.584057

Benzer Kayıtlar

Medium

CVE-2025-6736

A vulnerability classified as critical was found in juzaweb CMS 3.4.2. Affected by this vulnerability is an unknown func…

Medium

CVE-2025-6735

A vulnerability classified as critical has been found in juzaweb CMS 3.4.2. Affected is an unknown function of the file…

Medium

CVE-2025-5427

A vulnerability was found in juzaweb CMS up to 3.4.2. It has been rated as critical. Affected by this issue is some unkn…

Medium

CVE-2025-5428

A vulnerability classified as critical has been found in juzaweb CMS up to 3.4.2. This affects an unknown part of the fi…

Medium

CVE-2025-5424

A vulnerability was found in juzaweb CMS up to 3.4.2 and classified as critical. This issue affects some unknown process…

Medium

CVE-2025-5425

A vulnerability was found in juzaweb CMS up to 3.4.2. It has been classified as critical. Affected is an unknown functio…