Vulnerabilities

CVE-2025-15187 - GreenCMS File DataController.class.php path traversal

2025-12-29 0 views admin

CVE ID : CVE-2025-15187 Published : Dec. 29, 2025, 12:15 p.m. | 1 hour, 43 minutes ago Description : A vulnerability was found in GreenCMS up to 2.3. This affects an unknown part of the file /DataController.class.php of the component File Handler. Performing manipulation of the argument sqlFiles/zipFiles results in path traversal. The attack can be initiated remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer. Severity: 5.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2025-15187

Severity

MEDIUM

Published

Dec. 29, 2025

Affected Product: php

Impact: path traversal

Source: Telegram CVE Monitor

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2025-15187mediumphp

CVE-2025-15187 - GreenCMS File DataController.class.php path traversal

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2025-57460 - Machsol MachPanel Remote File Upload Web Shell Vulnerability

CVE-2025-15191 - D-Link DWR-M920 formLtefotaUpgradeFibocom sub_4155B4 command injection

CVE-2025-15193 - D-Link DWR-M920 formParentControl sub_423848 buffer overflow

CVE-2025-15192 - D-Link DWR-M920 formLtefotaUpgradeQuectel sub_415328 command injection

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting