4 matches found
CVE-2025-1336
A vulnerability has been found in CmsEasy 7.7.7.9 and classified as problematic. Affected by this vulnerability is the function deleteimgaction in the library lib/admin/imageadmin.php. The manipulation of the argument imgname leads to path traversal. The attack can be launched remotely. The explo...
CVE-2025-1336
creationtimestamp| type| source ---|---|--- 2025-02-16 09:03:53+00:00| seen| https://infosec.exchange/users/cve/statuses/114012758525808669 2025-02-16 09:15:19+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3libvge6hnm2p 2025-02-16 10:12:54+00:00|...
CVE-2025-1336 CmsEasy image_admin.php deleteimg_action path traversal
A vulnerability has been found in CmsEasy 7.7.7.9 and classified as problematic. Affected by this vulnerability is the function deleteimgaction in the library lib/admin/imageadmin.php. The manipulation of the argument imgname leads to path traversal. The attack can be launched remotely. The explo...
CVE-2025-1336
CmsEasy 7.7.7.9 is affected by a path traversal vulnerability in deleteimg_action (lib/admin/image_admin.php) caused by unsafely handling the imgname parameter. A remote attacker could exploit this, and public exploits have been disclosed. Multiple sources confirm remote access and public disclos...