CVE-2025-0346 | code-projects Content Management System 1.0 Publish News Page /admin/publishnews.php image unrestricted upload

Posted by Angelo Barbosa | Jan 8, 2025 | CVE

A vulnerability was found in code-projects Content Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/publishnews.php of the component Publish News Page. The manipulation of the argument image leads to unrestricted upload.

This vulnerability is uniquely identified as CVE-2025-0346. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2025-0346 | code-projects Content Management System 1.0 Publish News Page /admin/publishnews.php image unrestricted upload

Related Posts

CVE-2024-28200 | N-able N-central 2023.4/2023.6 User Interface authentication bypass

CVE-2023-7046 | WP Encryption Plugin up to 7.0 on WordPress information disclosure

CVE-2024-23678 | Splunk Enterprise up to 9.0.7/9.1.2 on Windows deserialization (SVD-2024-0108)

CVE-2024-25865 | hexo-theme-anzhiyu 1.6.12 Algolia Search cross site scripting (Issue 200)