CVE-2025-15422 | EmpireSoft EmpireCMS up to 8.0 IP Address e/class/connect.php egetip protection mechanism

Inserito da Angelo Barbosa | Gen 1, 2026 | CVE

A vulnerability marked as critical has been reported in EmpireSoft EmpireCMS up to 8.0. This issue affects the function egetip of the file e/class/connect.php of the component IP Address Handler. This manipulation causes protection mechanism failure.

This vulnerability appears as CVE-2025-15422. The attack may be initiated remotely. In addition, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-15422 | EmpireSoft EmpireCMS up to 8.0 IP Address e/class/connect.php egetip protection mechanism

Post correlati

CVE-2024-25447 | imlib2 1.9.1 Image imlib_load_image_with_error_return heap-based overflow

CVE-2024-20289 | Cisco NX-OS up to 10.4(2) CLI os command injection (cisco-sa-nxos-cmdinj-Lq6jsZhH)

CVE-2025-24528 | MIT Kerberos 5 1.7 Incremental Propagation kadmind memory corruption

CVE-2024-2574 | SourceCodester Employee Task Management System 1.0 /edit-task.php task_id authorization