Medium severity4.7NVD Advisory· Published Apr 28, 2025· Updated Apr 15, 2026

CVE-2025-4006

Description

A vulnerability classified as critical has been found in youyiio BeyongCms 1.6.0. Affected is an unknown function of the file /admin/theme/Upload.html of the component Document Management Page. The manipulation of the argument File leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

vuldb.comnvd
vuldb.comnvd
vuldb.comnvd
wiki.shikangsi.com/post/share/7e2d3cf9-6463-4331-a1f5-c270d5695266nvd

News mentions

No linked articles in our index yet.

cvss	0.306
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000