15Şub
CVE-2025-1336 | CmsEasy 7.7.7.9 image_admin.php deleteimg_action imgname path traversal
A vulnerability has been found in CmsEasy 7.7.7.9 and classified as problematic. Affected by this vulnerability is the functiondeleteimg_action in the library lib/admin/image_admin.php. The manipulation of the argument imgname leads to path traversal.
This vulnerability is known as CVE-2025-1336. The attack can be launched remotely. Furthermore, there is an exploit available.
The vendor was contacted early about this disclosure but did not respond in any way.
The vendor was contacted early about this disclosure but did not respond in any way.
