EUVD-2025-23245

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Path traversal vulnerability in PowerCMS allows code execution via malicious backup restoration.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2025-46359	31 Jul 202509:01	–	circl
CNNVD	Alfasado PowerCMS 路径遍历漏洞	31 Jul 202500:00	–	cnnvd
CVE	CVE-2025-46359	31 Jul 202507:22	–	cve
Cvelist	CVE-2025-46359	31 Jul 202507:22	–	cvelist
Japan Vulnerability Notes	Multiple vulnerabilities in PowerCMS	1 Aug 202503:05	–	jvn
NVD	CVE-2025-46359	31 Jul 202508:15	–	nvd
Positive Technologies	PT-2025-31486 · Powercms · Powercms	31 Jul 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-46359	2 Aug 202520:22	–	redhatcve
Vulnrichment	CVE-2025-46359	31 Jul 202507:22	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "f6f909db-0ec6-3bc5-9dc8-8cfb73f26177",
        "vendor": {
          "name": "Alfasado Inc."
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "4fd67de4-6c2f-39ef-a477-1b362aa0743a",
        "product": {
          "name": "PowerCMS"
        },
        "product_version": "6.7 and earlier (PowerCMS 6.x series)"
      },
      {
        "id": "573c3f97-27f0-3123-a194-34028905f31e",
        "product": {
          "name": "PowerCMS"
        },
        "product_version": "4.6 and earlier (PowerCMS 4.x series)"
      },
      {
        "id": "c163edd6-07da-3043-a1e8-7d6d8a0b1b27",
        "product": {
          "name": "PowerCMS"
        },
        "product_version": "5.3 and earlier (PowerCMS 5.x series)"
      }
    ]
  }
]

Source	Link
powercms	www.powercms.jp/news/release-powercms-671-531-461.html
jvn	www.jvn.jp/en/vu/JVNVU93412964/

03 Oct 2025 20:07Current

7High risk

Vulners AI Score7

CVSS 3.17.2

CVSS 48.6

EPSS0.01276

SSVC

powercms vulnerability path traversal code execution backup restoration