CVE-2025-15503 | Sangfor Operation and Maintenance Management System up to 3.0.8 common.jsp File unrestricted upload

A vulnerability was found in Sangfor Operation and Maintenance Management System up to 3.0.8. It has been rated as critical. The impacted element is an unknown function of the file /fort/trust/version/common/common.jsp. Performing a manipulation of the argument File results in unrestricted upload.

This vulnerability is reported as CVE-2025-15503. The attack is possible to be carried out remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-15503 | Sangfor Operation and Maintenance Management System up to 3.0.8 common.jsp File unrestricted upload

Post correlati

CVE-2024-40842 | Apple macOS up to 14.7 Environment Variable access control

CVE-2024-31083 | X.org X11 Server up to 21.1.11 ProcRenderAddGlyphs use after free

CVE-2025-40709 | ACDH-CH OpenAtlas 8.9.0 /insert/person/ name/alias-0 cross site scripting

CVE-2024-52008 | ethyca fides up to 2.49.x API Endpoint accept-invite client-side enforcement of server-side security (GHSA-v7vm-rhmg-8j2r)