CVE-2025-6735

Medium CVSS: 5.3

A vulnerability classified as critical has been found in juzaweb CMS 3.4.2. Affected is an unknown function of the file /admin-cp/imports of the component Import Page. The manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Vendor

Juzaweb

Product

Cms

CWE

CWE-266

Yayın Tarihi

2025-06-27 00:15:37

Güncelleme

2025-07-11 14:22:50

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-266 Cms MEDIUM Juzaweb 2025

Referanslar

https://github.com/Cyber-Wo0dy/report/blob/main/juzawebcms/3.4.2/juzawebcms_unprivileged_user_make_import.md https://vuldb.com/?ctiid.314010 https://vuldb.com/?id.314010 https://vuldb.com/?submit.597778

Benzer Kayıtlar

Medium

CVE-2025-6736

A vulnerability classified as critical was found in juzaweb CMS 3.4.2. Affected by this vulnerability is an unknown func…

Medium

CVE-2025-5429

A vulnerability classified as critical was found in juzaweb CMS up to 3.4.2. This vulnerability affects unknown code of…

Medium

CVE-2025-5427

A vulnerability was found in juzaweb CMS up to 3.4.2. It has been rated as critical. Affected by this issue is some unkn…

Medium

CVE-2025-5428

A vulnerability classified as critical has been found in juzaweb CMS up to 3.4.2. This affects an unknown part of the fi…

Medium

CVE-2025-5424

A vulnerability was found in juzaweb CMS up to 3.4.2 and classified as critical. This issue affects some unknown process…

Medium

CVE-2025-5425

A vulnerability was found in juzaweb CMS up to 3.4.2. It has been classified as critical. Affected is an unknown functio…