2 matches found
CVE-2022-25581
Classcms v2.5 and below contains an arbitrary file upload via the component \class\classupload. This vulnerability allows attackers to execute code injection via a crafted .txt file...
CVE-2022-25581
CVE-2022-25581 affects Classcms v2.5 and earlier. The issue is an arbitrary file upload via the class\classupload component, which can allow code execution through a crafted .txt file. The vulnerability is documented across multiple feeds (NVD/Red Hat/OSV etc.) with no publicly provided patch det...