VYPR
Unrated severityNVD Advisory· Published May 31, 2025· Updated Jun 2, 2025

Yifang CMS Admin Panel downloadFile path traversal

CVE-2025-5381

Description

A vulnerability, which was classified as problematic, was found in Yifang CMS up to 2.0.2. Affected is the function downloadFile of the file /api/File/downloadFile of the component Admin Panel. The manipulation of the argument File leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Statamic/CMSllm-fuzzy
    Range: <=2.0.2
  • Yifang/CMSv5
    Range: 2.0.0

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.