High severity7.8NVD Advisory· Published Mar 18, 2022· Updated Jun 17, 2026
CVE-2022-25581
CVE-2022-25581
Description
Classcms v2.5 and below contains an arbitrary file upload via the component \class\classupload. This vulnerability allows attackers to execute code injection via a crafted .txt file.
Affected products
2Patches
Vulnerability mechanics
References
1- github.com/k0xx11/Vulscve/blob/master/classcms2.5-rce.mdnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.