Medium severity5.4NVD Advisory· Published Jun 3, 2025· Updated Jun 17, 2026
CVE-2025-45855
CVE-2025-45855
Description
An arbitrary file upload vulnerability in the component /upload/GoodsCategory/image of erupt v1.12.19 allows attackers to execute arbitrary code via uploading a crafted file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
xyz.erupt:eruptMaven | <= 1.12.19 | — |
Affected products
2Patches
Vulnerability mechanics
References
5- gist.github.com/Cafe-Tea/b72d442be434e1dafe7810c938892b06nvdThird Party AdvisoryWEB
- github.com/advisories/GHSA-5gr5-vmmr-82g6ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2025-45855ghsaADVISORY
- www.erupt.xyzghsaWEB
- www.erupt.xyznvdProduct
News mentions
0No linked articles in our index yet.