Mccms@2.7 Security Vulnerabilities and Issues — Mccms@2.7 CVE List

Lucene search

ChshcmsMccms2.7

3 matches found

CVE•added 2025/05/29 9:15 p.m.•46 views

CVE-2025-5328

A vulnerability was found in chshcms mccms 2.7. It has been declared as critical. This vulnerability affects the function restore_del of the file /sys/apps/controllers/admin/Backups.php. The manipulation of the argument dirs leads to path traversal. The attack can be initiated remotely. The exploit...

8.8CVSS7AI score0.00043EPSS

CVE•added 2025/05/29 9:15 p.m.•45 views

CVE-2025-5327

A vulnerability was found in chshcms mccms 2.7. It has been classified as critical. This affects the function index of the file sys/apps/controllers/api/Gf.php. The manipulation of the argument pic leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has...

8.8CVSS6.4AI score0.00042EPSS

CVE•added 2025/07/14 5:15 p.m.•7 views

CVE-2025-51651

An authenticated arbitrary file download vulnerability in the component /admin/Backups.php of Mccms v2.7.0 allows attackers to download arbitrary files via a crafted GET request.

5.5CVSS6.9AI score0.00032EPSS