CVE-2025-31103

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions a-blog cms (affected versions not specified)

Description A critical issue exists due to the deserialization of untrusted data in a-blog cms, allowing an attacker to store arbitrary files on the server. This can lead to the execution of arbitrary scripts on the server. The issue poses severe risks and requires immediate attention to protect web servers from potential exploitation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Deserialization of Untrusted Data

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-502

Related Identifiers

CVE-2025-31103

Affected Products

A-Blog Cms

CVE-2025-31103

Weakness Enumeration

Related Identifiers

Affected Products

References · 16