Medium severity6.3NVD Advisory· Published Mar 1, 2025· Updated Jun 17, 2026
CVE-2025-1791
CVE-2025-1791
Description
A vulnerability has been found in Zorlan SkyCaiji 2.9 and classified as critical. This vulnerability affects the function fileAction of the file vendor/skycaiji/app/admin/controller/Tool.php. The manipulation of the argument save_data leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Affected products
2Patches
Vulnerability mechanics
References
4- vuldb.comnvdThird Party AdvisoryVDB Entry
- vuldb.comnvdThird Party AdvisoryVDB Entry
- github.com/sheratan4/cve/issues/5nvdBroken Link
- vuldb.comnvdPermissions RequiredVDB Entry
News mentions
0No linked articles in our index yet.