CVE-2025-29866 | TAGFREE X-Free Uploader XFU prior 1.0.1.0085/2.0.1.0035 file inclusion

Inserito da Angelo Barbosa | Ago 7, 2025 | CVE

A vulnerability classified as critical has been found in TAGFREE X-Free Uploader XFU. Affected is an unknown function. The manipulation leads to file inclusion.

This vulnerability is traded as CVE-2025-29866. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-29866 | TAGFREE X-Free Uploader XFU prior 1.0.1.0085/2.0.1.0035 file inclusion

Post correlati

CVE-2023-6323 | ThroughTek Kalay SDK prior 4.3.4.2 Message data authenticity

CVE-2025-52164 | Agorum Core Open 11.9.2/11.10.1 missing encryption

CVE-2025-6436 | Mozilla Firefox up to 139 memory corruption

CVE-2025-4446 | H3C GR-5400AX up to 100R008 /goform/aspForm Edit_List_SSID param buffer overflow