7 matches found
EUVD-2025-202628
A template injection vulnerability in the /vip/v1/file/save component of ChanCMS v3.3.4 allows attackers to execute arbitrary code via a crafted POST request...
CVE-2025-65602
A template injection vulnerability in the /vip/v1/file/save component of ChanCMS v3.3.4 allows attackers to execute arbitrary code via a crafted POST request...
CVE-2025-65602
A template injection vulnerability in the /vip/v1/file/save component of ChanCMS v3.3.4 allows attackers to execute arbitrary code via a crafted POST request...
CVE-2025-65602
A template injection vulnerability in the /vip/v1/file/save component of ChanCMS v3.3.4 allows attackers to execute arbitrary code via a crafted POST request...
CVE-2025-65602
A template injection vulnerability in the /vip/v1/file/save component of ChanCMS v3.3.4 allows attackers to execute arbitrary code via a crafted POST request...
PT-2025-50489
Name of the Vulnerable Software and Affected Versions ChanCMS version 3.3.4 Description A template injection issue exists in the /vip/v1/file/save component. Attackers can execute arbitrary code by submitting a specially crafted POST request. The vulnerable component is the /vip/v1/file/save API...
CVE-2025-65602
ChanCMS v3.3.4 contains a template injection vulnerability in the /vip/v1/file/save API endpoint that enables arbitrary code execution via a crafted POST request. Affected component/file: /vip/v1/file/save in ChanCMS 3.3.4. Root cause: template injection allowing code execution, as described acro...