EUVD-2025-35005

🗓️ 19 Oct 2025 18:30:12Reported by EUVDType

Path traversal in e107 system avatar handler enables remote attack via multiaction; public exploit.

Reporter	Title	Published	Views	Family All 7
Circl	CVE-2025-11941	19 Oct 202516:50	–	circl
CNNVD	e107 路径遍历漏洞	19 Oct 202500:00	–	cnnvd
CVE	CVE-2025-11941	19 Oct 202515:32	–	cve
Cvelist	CVE-2025-11941 e107 CMS Avatar image.php path traversal	19 Oct 202515:32	–	cvelist
NVD	CVE-2025-11941	19 Oct 202516:15	–	nvd
RedhatCVE	CVE-2025-11941	20 Oct 202519:28	–	redhatcve
Vulnrichment	CVE-2025-11941 e107 CMS Avatar image.php path traversal	19 Oct 202515:32	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "658b143c-885d-3f89-9189-ce2447540323",
        "vendor": {
          "name": "e107"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "93f52d74-ebff-3d98-98b3-dbcaf25e086b",
        "product": {
          "name": "CMS"
        },
        "product_version": "2.3.0"
      },
      {
        "id": "a1e4c34b-4068-37af-b4ad-c207dca25109",
        "product": {
          "name": "CMS"
        },
        "product_version": "2.3.1"
      },
      {
        "id": "bce99032-bc87-31dc-bdb2-b7eecf170986",
        "product": {
          "name": "CMS"
        },
        "product_version": "2.3.2"
      },
      {
        "id": "c159239d-07e4-35a2-bee9-7cf048a473c3",
        "product": {
          "name": "CMS"
        },
        "product_version": "2.3.3"
      }
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
note-hxlab	www.note-hxlab.wetolink.com/share/igdVbDCk2IkD
note-hxlab	www.note-hxlab.wetolink.com/share/igdVbDCk2IkD
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-11941

19 Oct 2025 18:30Current

5.4Medium risk

Vulners AI Score5.4

CVSS 45.3

CVSS 3.15.4

CVSS 25.5

CVSS 35.4

EPSS0.00121