A vulnerability, which was classified as critical, was found in Fanli2012 native-php-cms 1.0. This affects an unknown part of the file /fladmin/user_recoverpwd.php. The manipulation leads to use of default credentials. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
References
Link | Resource |
---|---|
https://github.com/Fanli2012/native-php-cms/issues/4 | Exploit Issue Tracking Vendor Advisory |
https://github.com/Fanli2012/native-php-cms/issues/4#issue-2769866348 | Exploit Issue Tracking Vendor Advisory |
https://vuldb.com/?ctiid.291927 | Permissions Required VDB Entry |
https://vuldb.com/?id.291927 | Third Party Advisory VDB Entry |
https://vuldb.com/?submit.475237 | Third Party Advisory VDB Entry |
https://github.com/Fanli2012/native-php-cms/issues/4 | Exploit Issue Tracking Vendor Advisory |
https://github.com/Fanli2012/native-php-cms/issues/4#issue-2769866348 | Exploit Issue Tracking Vendor Advisory |
Configurations
History
29 Apr 2025, 20:23
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:native-php-cms_project:native-php-cms:1.0:*:*:*:*:*:*:* | |
First Time |
Native-php-cms Project
Native-php-cms Project native-php-cms |
|
CWE | NVD-CWE-Other | |
References | () https://github.com/Fanli2012/native-php-cms/issues/4 - Exploit, Issue Tracking, Vendor Advisory | |
References | () https://github.com/Fanli2012/native-php-cms/issues/4#issue-2769866348 - Exploit, Issue Tracking, Vendor Advisory | |
References | () https://vuldb.com/?ctiid.291927 - Permissions Required, VDB Entry | |
References | () https://vuldb.com/?id.291927 - Third Party Advisory, VDB Entry | |
References | () https://vuldb.com/?submit.475237 - Third Party Advisory, VDB Entry | |
Summary |
|
15 Jan 2025, 21:15
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/Fanli2012/native-php-cms/issues/4 - | |
References | () https://github.com/Fanli2012/native-php-cms/issues/4#issue-2769866348 - |
15 Jan 2025, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-01-15 20:15
Updated : 2025-04-29 20:23
NVD link : CVE-2025-0482
Mitre link : CVE-2025-0482
CVE.ORG link : CVE-2025-0482
JSON object : View
Products Affected
native-php-cms_project
- native-php-cms