6 matches found
CVE-2025-9400
A flaw has been found in YiFang CMS up to 2.0.5. This affects the function mergeMultipartUpload of the file app/utils/base/plugin/Pfile.php. This manipulation of the argument File causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been published and may be...
CVE-2025-9400
A flaw has been found in YiFang CMS up to 2.0.5. This affects the function mergeMultipartUpload of the file app/utils/base/plugin/Pfile.php. This manipulation of the argument File causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been published and may be...
CVE-2025-9400
A flaw has been found in YiFang CMS up to 2.0.5. This affects the function mergeMultipartUpload of the file app/utils/base/plugin/Pfile.php. This manipulation of the argument File causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been published and may be...
CVE-2025-9400 YiFang CMS P_file.php mergeMultipartUpload unrestricted upload
A flaw has been found in YiFang CMS up to 2.0.5. This affects the function mergeMultipartUpload of the file app/utils/base/plugin/Pfile.php. This manipulation of the argument File causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been published and may be...
CVE-2025-9400 YiFang CMS P_file.php mergeMultipartUpload unrestricted upload
A flaw has been found in YiFang CMS up to 2.0.5. This affects the function mergeMultipartUpload of the file app/utils/base/plugin/Pfile.php. This manipulation of the argument File causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been published and may be...
CVE-2025-9400
YiFang CMS up to version 2.0.5 is affected by a vulnerability in the mergeMultipartUpload function of app/utils/base/plugin/P_file.php that allows unrestricted file uploads. The issue arises from how the File argument is handled, enabling remote exploitation. Public exploits have been published, ...