CVE-2025-39402 – Mojoomla WPAMS Unrestricted File Upload Remote Code Execution

May 19, 2025

CVE ID : CVE-2025-39402

Published : May 19, 2025, 8:15 p.m. | 3 hours, 59 minutes ago

Description : Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla WPAMS allows Upload a Web Shell to a Web Server.This issue affects WPAMS: from n/a through 44.0 (17-08-2023).

Severity: 9.9 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-46441 – CTLTWP Section Widget Path Traversal Vulnerability

Next Article CVE-2025-39401 – Mojoomla WPAMS Unrestricted File Upload Vulnerability

Highlights

CVE-2025-3816 – Westboy CicadasCMS OS Command Injection Vulnerability

April 20, 2025

CVE ID : CVE-2025-3816

Published : April 19, 2025, 6:15 p.m. | 20 hours, 34 minutes ago

Description : A vulnerability classified as critical was found in westboy CicadasCMS 2.0. This vulnerability affects unknown code of the file /system/schedule/save of the component Scheduled Task Handler. The manipulation leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 4.7 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

10 Top Node.js Development Companies for Enterprise-Scale Projects (2025-2026 Ranked & Reviewed)

12 Must-Know Cost Factors When Hiring Node.js Developers for Your Enterprise

Mirantis reveals Lens Prism, an AI copilot for operating Kubernetes clusters

Avoid these common platform engineering mistakes

“A fantastic device for creative users” — this $550 discount on ASUS’s 3K OLED creator laptop disappears before Prime Day

Distribution Release: Rhino Linux 2025.3

Just days after joining Game Pass, the Xbox PC edition of Call of Duty: WW2 is taken offline for “an issue”

Xbox layoffs and game cuts wreak havoc on talented developers and the company’s future portfolio — Weekend discussion 💬

Flaget – new small 5kB CLI argument parser

Flaget – new small 5kB CLI argument parser

The dog days of JavaScript summer

Databricks Lakebase – Database Branching in Action

“A fantastic device for creative users” — this $550 discount on ASUS’s 3K OLED creator laptop disappears before Prime Day

“A fantastic device for creative users” — this $550 discount on ASUS’s 3K OLED creator laptop disappears before Prime Day

Distribution Release: Rhino Linux 2025.3

EmptyEpsilon – spaceship bridge simulator game

CVE-2025-39402 – Mojoomla WPAMS Unrestricted File Upload Remote Code Execution

CVE-2025-1317 – Apache HTTP Server Remote Code Execution Vulnerability

CVE-2025-1318 – CVE-2022-1234: Cisco WebEx Meeting Center Unvalidated Redirect

CVE-2025-5194 – WordPress Map Block Stored Cross-Site Scripting

AI Color Palette Generator

Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware

CVE-2024-57233 – NETGEAR RAX5 Command Injection Vulnerability

CVE-2025-3816 – Westboy CicadasCMS OS Command Injection Vulnerability

How Agentic AI Will Revolutionize Business Automation in 2025🤖

CVE-2025-52101 – Linjiashop JWT Authentication Access Control Bypass

CVE-2025-20199 – “Cisco IOS XE CLI Privilege Escalation Vulnerability”

CVE-2025-39402 – Mojoomla WPAMS Unrestricted File Upload Remote Code Execution

Related Posts