EUVD-2015-7481

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Unrestricted file upload vulnerability in Yeager CMS 1.2.1 allows code execution by remote attackers.

Reporter	Title	Published	Views	Family All 11
0day.today	Yeager CMS 1.2.1 - Multiple Vulnerabilities	10 Feb 201600:00	–	zdt
CNVD	Yeager Arbitrary File Upload Vulnerability	27 Feb 201600:00	–	cnvd
CVE	CVE-2015-7571	7 Aug 201720:00	–	cve
Cvelist	CVE-2015-7571	7 Aug 201720:00	–	cvelist
Exploit DB	Yeager CMS 1.2.1 - Multiple Vulnerabilities	10 Feb 201600:00	–	exploitdb
exploitpack	Yeager CMS 1.2.1 - Multiple Vulnerabilities	10 Feb 201600:00	–	exploitpack
Imperva Blog	CrimeOps of the KashmirBlack Botnet – Part II	22 Oct 202018:55	–	impervablog
NVD	CVE-2015-7571	7 Aug 201720:29	–	nvd
Packet Storm	Yeager CMS 1.2.1 File Upload / SQL Injection / XSS / SSRF	11 Feb 201600:00	–	packetstorm
Prion	Unrestricted file upload	7 Aug 201720:29	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "07584fb7-c636-32fc-92be-002d18a05436",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "c78d3727-a028-3334-b090-3ae1b62f65b1",
        "product": {
          "name": "n/a"
        },
        "product_version": "n/a"
      }
    ]
  }
]

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/cve/CVE-2015-7571
securityfocus	www.securityfocus.com/archive/1/537493/100/0/threaded
exploit-db	www.exploit-db.com/exploits/39436/
packetstormsecurity	www.packetstormsecurity.com/files/135716/Yeager-CMS-1.2.1-File-Upload-SQL-Injection-XSS-SSRF.html
seclists	www.seclists.org/fulldisclosure/2016/Feb/44
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

7.8High risk

Vulners AI Score7.8

CVSS 37.8

CVSS 26.8

EPSS0.03342