Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/03/26 7:14 p.m.9 views

CVE-2025-2749

An authenticated remote code execution in Kentico Xperience allows authenticated users Staging Sync Server to upload arbitrary data to path relative locations. This results in path traversal and arbitrary file upload, including content that can be executed server side leading to remote code...

7.2CVSS8.2AI score0.03854EPSS
Exploits1References1
Circl
Circl
added 2025/03/24 7:23 p.m.10 views

CVE-2025-2749

creationtimestamp| type| source ---|---|--- 2025-03-24 19:23:08+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8502 2025-03-24 22:35:06+00:00| seen| https://t.me/cvedetector/20994 2025-03-24 22:39:53+00:00| seen|...

7.2CVSS7.5AI score0.03854EPSS
Exploits1References8
NVD
NVD
added 2025/03/24 7:15 p.m.7 views

CVE-2025-2749

An authenticated remote code execution in Kentico Xperience allows authenticated users Staging Sync Server to upload arbitrary data to path relative locations. This results in path traversal and arbitrary file upload, including content that can be executed server side leading to remote code...

7.2CVSS0.03854EPSS
Exploits1References4
CVE
CVE
added 2025/03/24 6:18 p.m.84 views

CVE-2025-2749

CVE-2025-2749 affects Kentico Xperience versions up to and including 13.0.178, where an authenticated Staging Sync Server can upload data to path-relative locations, causing path traversal and arbitrary file uploads that can lead to remote code execution. Root cause is authenticated path traversa...

7.2CVSS8.1AI score0.03854EPSS
In wildExploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2025/03/24 6:18 p.m.9 views

CVE-2025-2749 Kentico Xperience <= 13.0.178 Staging Media File Upload Authenticated RCE

An authenticated remote code execution in Kentico Xperience allows authenticated users Staging Sync Server to upload arbitrary data to path relative locations. This results in path traversal and arbitrary file upload, including content that can be executed server side leading to remote code...

7.2CVSS7.8AI score0.03854EPSS
Exploits1References3
Rows per page
Query Builder