CVE-2025-4291 | IdeaCMS up to 1.6 saveUpload unrestricted upload (IC32SB)

Inserito da Angelo Barbosa | Mag 5, 2025 | CVE

A vulnerability, which was classified as critical, was found in IdeaCMS up to 1.6. Affected is the function saveUpload. The manipulation leads to unrestricted upload.

This vulnerability is traded as CVE-2025-4291. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2025-4291 | IdeaCMS up to 1.6 saveUpload unrestricted upload (IC32SB)

Post correlati

CVE-2024-36041 | KDE Plasma Workspace Session Restore ksmserver/server.cpp user session

CVE-2024-37315 | Nextcloud Server up to 26.0.11/27.1.6/28.0.2 files_versions access control

CVE-2024-51713 | TRe Technology and Research HQ60 Fidelity Card Plugin up to 1.8 on WordPress cross site scripting

CVE-2024-20115 | MediaTek MT8195 Ccu out-of-bounds write (MSV-1713 / ALPS09036695)