CVE-2025-5511 | quequnlong shiyi-blog up to 1.2.1 photos improper authorization

Inserito da Angelo Barbosa | Giu 3, 2025 | CVE

A vulnerability, which was classified as critical, has been found in quequnlong shiyi-blog up to 1.2.1. This issue affects some unknown processing of the file /dev api/app/album/photos/. The manipulation leads to improper authorization.

The identification of this vulnerability is CVE-2025-5511. The attack may be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-5511 | quequnlong shiyi-blog up to 1.2.1 photos improper authorization

Post correlati

CVE-2024-39471 | Linux Kernel up to 6.9.4 amdgpu sdma_v4_0_irq_id_to_seq out-of-bounds

CVE-2024-33979 | Janobe PayPal/Credit Card/Debit Card Payment 1.0 /index.php q/arrival/departure/accomodation cross site scripting

CVE-2024-4936 | Canto Plugin up to 3.0.8 on WordPress file inclusion

CVE-2024-31891 | IBM Storage Scale up to 5.1.9.6/5.2.1.1 unnecessary privileges