VYPR
Critical severity9.8NVD Advisory· Published Apr 10, 2017· Updated Jun 17, 2026

CVE-2017-7625

CVE-2017-7625

Description

In Fiyo CMS 2.x through 2.0.7, attackers may upload a webshell via the content parameter to "/dapur/apps/app_theme/libs/save_file.php" and then execute code.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • Fiyo/FiyoCMS6 versions
    cpe:2.3:a:fiyo:fiyo_cms:2.0:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:fiyo:fiyo_cms:2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:fiyo:fiyo_cms:2.0.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:fiyo:fiyo_cms:2.0.1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:fiyo:fiyo_cms:2.0.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:fiyo:fiyo_cms:2.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:fiyo:fiyo_cms:2.0.7:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.