VYPR
Unrated severityNVD Advisory· Published Nov 5, 2025· Updated Nov 5, 2025

CVE-2025-57130

CVE-2025-57130

Description

An Incorrect Access Control vulnerability in the user management component of ZwiiCMS up to v13.6.07 allows a remote, authenticated attacker to escalate their privileges. By sending a specially crafted HTTP request, a low-privilege user can access and modify the profile data of any other user, including administrators.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • ZwiiCMS/ZwiiCMScpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: <=13.6.07

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.