VYPR
Critical severity9.8NVD Advisory· Published Apr 18, 2025· Updated Jun 17, 2026

CVE-2025-29058

CVE-2025-29058

Description

An issue in Qimou CMS v.3.34.0 allows a remote attacker to execute arbitrary code via the upgrade.php component.

Affected products

2
  • Qimou/Qimou CMSdescription
  • Qimou/CMSllm-create
    Range: 3.34.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.