CVE-2025-1791 | Zorlan SkyCaiji 2.9 Tool.php fileAction save_data unrestricted upload

CVE-2025-1791 | Zorlan SkyCaiji 2.9 Tool.php fileAction save_data unrestricted upload

A vulnerability has been found in Zorlan SkyCaiji 2.9 and classified as critical. This vulnerability affects the function fileAction of the file vendor/skycaiji/app/admin/controller/Tool.php. The manipulation of the argument save_data leads to unrestricted upload. This vulnerability was named CVE-2025-1791. The attack can be initiated remotely. Furthermore, there is an exploit available.