CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 1CVE-2025-9400 – YiFang CMS P_file.php mergeMultipartUpload unrestricted upload
https://notcve.org/view.php?id=CVE-2025-9400
25 Aug 2025 — A flaw has been found in YiFang CMS up to 2.0.5. This affects the function mergeMultipartUpload of the file app/utils/base/plugin/P_file.php. This manipulation of the argument File causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been published and may be used. • https://vuldb.com/?id.321236 • CWE-284: Improper Access Control CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 1CVE-2025-9399 – YiFang CMS L_tool.php sql injection
https://notcve.org/view.php?id=CVE-2025-9399
25 Aug 2025 — A vulnerability was detected in YiFang CMS up to 2.0.5. Affected by this issue is some unknown functionality of the file app/logic/L_tool.php. The manipulation of the argument new_url results in sql injection. The attack may be launched remotely. The exploit is now public and may be used. • https://vuldb.com/?id.321235 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.9EPSS: 0%CPEs: 6EXPL: 1CVE-2025-9398 – YiFang CMS Migrate.php exportInstallTable information disclosure
https://notcve.org/view.php?id=CVE-2025-9398
24 Aug 2025 — A security vulnerability has been detected in YiFang CMS up to 2.0.5. Affected by this vulnerability is the function exportInstallTable of the file app/utils/base/database/Migrate.php. The manipulation leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. • https://vuldb.com/?id.321234 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 3CVE-2012-10054 – Umbraco CMS < 4.7.1 codeEditorSave.asmx RCE
https://notcve.org/view.php?id=CVE-2012-10054
13 Aug 2025 — Umbraco CMS versions prior to 4.7.1 are vulnerable to unauthenticated remote code execution via the codeEditorSave.asmx SOAP endpoint, which exposes a SaveDLRScript operation that permits arbitrary file uploads without authentication. By exploiting a path traversal flaw in the fileName parameter, attackers can write malicious ASPX scripts directly into the web-accessible /umbraco/ directory and execute them remotely. • https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/umbraco_upload_aspx.rb • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 2CVE-2025-34086 – Bolt CMS Authenticated Remote Code Execution via Profile Injection and File Rename
https://notcve.org/view.php?id=CVE-2025-34086
03 Jul 2025 — Bolt CMS versions 3.7.0 and earlier contain a chain of vulnerabilities that together allow an authenticated user to achieve remote code execution. A user with valid credentials can inject arbitrary PHP code into the displayname field of the user profile, which is rendered unsanitized in backend templates. The attacker can then list and rename cached session files via the /async/browse/cache/.sessions and /async/folder/rename endpoints. By renaming a .session file to a path under the publicly accessible /fil... • https://boltcms.io/newsitem/major-announcements-bolt-3-eol-bolt-4-2-5-0-releases • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 4.8EPSS: 0%CPEs: 3EXPL: 1CVE-2025-5383 – Yifang CMS Article Management Module cross site scripting
https://notcve.org/view.php?id=CVE-2025-5383
31 May 2025 — A vulnerability was found in Yifang CMS up to 2.0.2 and classified as problematic. Affected by this issue is some unknown functionality of the component Article Management Module. The manipulation of the argument Default Value leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://gitee.com/wanglongcn/yifang/issues/IC41YQ • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 1CVE-2025-5381 – Yifang CMS Admin Panel downloadFile path traversal
https://notcve.org/view.php?id=CVE-2025-5381
31 May 2025 — A vulnerability, which was classified as problematic, was found in Yifang CMS up to 2.0.2. Affected is the function downloadFile of the file /api/File/downloadFile of the component Admin Panel. The manipulation of the argument File leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://gitee.com/wanglongcn/yifang/issues/IC0RCX • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.9EPSS: 38%CPEs: 2EXPL: 0CVE-2025-35939 – Craft CMS External Control of Assumed-Immutable Web Parameter Vulnerability
https://notcve.org/view.php?id=CVE-2025-35939
07 May 2025 — Craft CMS stores arbitrary content provided by unauthenticated users in session files. This content could be accessed and executed, possibly using an independent vulnerability. Craft CMS redirects requests that require authentication to the login page and generates a session file on the server at `/var/lib/php/sessions`. Such session files are named `sess_[session_value]`, where `[session_value]` is provided to the client in a `Set-Cookie` response header. Craft CMS stores the return URL requested by the cl... • https://github.com/craftcms/cms/pull/17220 • CWE-472: External Control of Assumed-Immutable Web Parameter •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-52600 – Statamic CMS has Path Traversal in Asset Upload
https://notcve.org/view.php?id=CVE-2024-52600
19 Nov 2024 — Statmatic is a Laravel and Git powered content management system (CMS). Prior to version 5.17.0, assets uploaded with appropriately crafted filenames may result in them being placed in a location different than what was configured. The issue affects front-end forms with `assets` fields and other places where assets can be uploaded, although users would need upload permissions anyway. Files can be uploaded so they would be located on the server in a different location, and potentially override existing files... • https://github.com/statamic/cms/commit/0c07c10009a2439c8ee56c8faefd1319dc6e388d • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.9EPSS: 0%CPEs: 19EXPL: 1CVE-2024-7065 – Spina CMS cross-site request forgery
https://notcve.org/view.php?id=CVE-2024-7065
24 Jul 2024 — A vulnerability was found in Spina CMS up to 2.18.0. It has been classified as problematic. Affected is an unknown function of the file /admin/pages/. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. • https://github.com/topsky979/Security-Collections/blob/main/1700810/README.md • CWE-352: Cross-Site Request Forgery (CSRF) •