SecBoard
Zurück zur CVE-Übersicht

CVE-2025-25791

MEDIUM(4.4)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Risk Signal Score11/100 — NIEDRIG
  • CVSS 4.4 — Mittel

EPSS-Score

0%

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

4.4

Technische Schwere

Beschreibung

An arbitrary file upload vulnerability in the plugin installation feature of YZNCMS v2.0.1 allows attackers to execute arbitrary code via uploading a crafted Zip file.

Referenzen