7 matches found
CVE-2025-46078
HuoCMS V3.5.1 and before is vulnerable to file upload, which allows attackers to take control of the target server...
CVE-2025-46080
HuoCMS V3.5.1 has a File Upload Vulnerability. An attacker can exploit this flaw to bypass whitelist restrictions and craft malicious files with specific suffixes, thereby gaining control of the server...
CVE-2025-46078
HuoCMS V3.5.1 and before is vulnerable to file upload, which allows attackers to take control of the target server...
CVE-2025-46078
HuoCMS V3.5.1 and before is vulnerable to file upload, which allows attackers to take control of the target server...
CVE-2025-46078
CVE-2025-46078 affects HuoCMS v3.5.1 and earlier. Several connected sources confirm a file-upload vulnerability that can lead to server compromise. The root cause described in the exploit details is an insecure upload pipeline (sliceUploadAndSave/Upload.php) allowing attacker-controlled parameter...
CVE-2025-46078
HuoCMS V3.5.1 and before is vulnerable to file upload, which allows attackers to take control of the target server...
PT-2025-23159 · Huocms · Huocms
Name of the Vulnerable Software and Affected Versions: HuoCMS versions 3.5.1 and earlier Description: The issue allows attackers to take control of the target server through file upload. Recommendations: For HuoCMS versions 3.5.1 and earlier, at the moment, there is no information about a newer...