CVE-2025-25223 | LuxSoft LuxCal Web Calendar dloader.php path traversal

Inserito da Angelo Barbosa | Feb 18, 2025 | CVE

A vulnerability was found in LuxSoft LuxCal Web Calendar. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file dloader.php. The manipulation leads to path traversal.

This vulnerability is known as CVE-2025-25223. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-25223 | LuxSoft LuxCal Web Calendar dloader.php path traversal

Post correlati

CVE-2023-6351 | Google Chrome prior 119.0.6045.199 libavif use after free

CVE-2024-27567 | LBT T300-T390 2.2.1.8 HTTP POST Request config_vpn_pptp vpn_client_ip stack-based overflow

CVE-2024-7076 | Semtek Sempos up to 31072024 sql injection

CVE-2023-7232 | Backup and Restore Plugin up to 1.45 on WordPress Log File information disclosure