CVE-2025-15143 | EyouCMS up to 1.7.6 Backend Template Management FilemanagerLogic.php content sql injection

A vulnerability classified as critical was found in EyouCMS up to 1.7.6. The affected element is an unknown function of the file /application/admin/logic/FilemanagerLogic.php of the component Backend Template Management. The manipulation of the argument content results in sql injection.

This vulnerability is known as CVE-2025-15143. It is possible to launch the attack remotely. Furthermore, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-15143 | EyouCMS up to 1.7.6 Backend Template Management FilemanagerLogic.php content sql injection

Post correlati

CVE-2025-55556 | Google TensorFlow 2.18.0

CVE-2021-47319 | Linux Kernel up to 5.13.3 virtio-blk memory leak

CVE-2024-8602 | Schweizerische Steuerkonferenz Library taxstatement.jar 2.2.2/2.2.4 on Windows PDF DocumentBuilder xml external entity reference

CVE-2023-51386 | awslabs sandbox-accounts-for-events up to 1.9.x privileges management (GHSA-p7w3-j66h-m7mx)