Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com

CVE-2022-25581

Description

Classcms v2.5 and below contains an arbitrary file upload via the component \class\classupload. This vulnerability allows attackers to execute code injection via a crafted .txt file.

POC

Reference

No PoCs from references.

Github

- https://github.com/ARPSyndicate/cvemon

- https://github.com/PuddinCat/GithubRepoSpider

- https://github.com/k0xx11/Vulscve

- https://github.com/plzheheplztrying/cve_monitor

- https://github.com/wooluo/CVE-2022-25581