7 matches found
Exploit for CVE-2025-10353
CVE-2025-10353 - File Upload RCE PoC 🛠️ Exploit for CVE-202...
Path Equivalence
Overview melisplatform/melis-cms-slider is a Melis Platform slider module Affected versions of this package are vulnerable to Path Equivalence via the mcsdetailimg parameter. An attacker can execute arbitrary code on the server by uploading a malicious file through a POST request to...
CVE-2025-10353
File upload leading to remote code execution RCE in the “melis-cms-slider” module of Melis Technology's Melis Platform. This vulnerability allows an attacker to upload a malicious file via a POST request to '/melis/MelisCmsSlider/MelisCmsSliderDetails/saveDetailsForm' using the 'mcsdetailimg'...
CVE-2025-10353 Missing Authorization vulnerability in Melis Platform
File upload leading to remote code execution RCE in the “melis-cms-slider” module of Melis Technology's Melis Platform. This vulnerability allows an attacker to upload a malicious file via a POST request to '/melis/MelisCmsSlider/MelisCmsSliderDetails/saveDetailsForm' using the 'mcsdetailimg'...
CVE-2025-10353 Missing Authorization vulnerability in Melis Platform
File upload leading to remote code execution RCE in the “melis-cms-slider” module of Melis Technology's Melis Platform. This vulnerability allows an attacker to upload a malicious file via a POST request to '/melis/MelisCmsSlider/MelisCmsSliderDetails/saveDetailsForm' using the 'mcsdetailimg'...
PT-2025-41246
Name of the Vulnerable Software and Affected Versions Melis Platform versions affected versions not specified Description A file upload issue exists in the “melis-cms-slider” module of Melis Technology's Melis Platform, potentially leading to remote code execution RCE. An attacker can upload a...
Melis Platform 安全漏洞
Melis Platform is an open source cross-framework digital platform from Melis Platform Open Source. A security vulnerability exists in Melis Platform, which stems from a flaw in the file upload functionality of the melis-cms-slider module that could lead to remote code execution...