CVE-2025-5327 – “Chshcms MCCMS Gf.php Server-Side Request Forgery Vulnerability”

May 29, 2025

CVE ID : CVE-2025-5327

Published : May 29, 2025, 9:15 p.m. | 18 minutes ago

Description : A vulnerability was found in chshcms mccms 2.7. It has been classified as critical. This affects the function index of the file sys/apps/controllers/api/Gf.php. The manipulation of the argument pic leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5328 – “Chshcms McCms Remote Path Traversal Vulnerability”

Next Article CVE-2025-5326 – Zhilink ADP Application Developer Platform Deserialization Vulnerability

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Smashing Animations Part 4: Optimising SVGs

I test AI tools for a living. Here are 3 image generators I actually use and how

The world’s smallest 65W USB-C charger is my latest travel essential

This Spotlight alternative for Mac is my secret weapon for AI-powered search

Tech prophet Mary Meeker just dropped a massive report on AI trends – here’s your TL;DR

Beyond AEM: How Adobe Sensei Powers the Full Enterprise Experience

Beyond AEM: How Adobe Sensei Powers the Full Enterprise Experience

Simplify Negative Relation Queries with Laravel’s whereDoesntHaveRelation Methods

Cast Model Properties to a Uri Instance in 12.17

My Favorite Obsidian Plugins and Their Hidden Settings

My Favorite Obsidian Plugins and Their Hidden Settings

Rilasciata /e/OS 3.0: Nuova Vita per Android Senza Google, Più Privacy e Controllo per l’Utente

Rilasciata Oracle Linux 9.6: Scopri le Novità e i Miglioramenti nella Sicurezza e nelle Prestazioni

CVE-2025-5327 – “Chshcms MCCMS Gf.php Server-Side Request Forgery Vulnerability”

HPE StoreOnce Faces Critical CVE-2025-37093 Vulnerability — Urges Immediate Patch Upgrade

Google fixes Chrome zero-day with in-the-wild exploit (CVE-2025-5419)

Maven TestNG multiple suites in different folders

Microsoft rolls KB5039302 out again, allowing users to access CloudPC in Windows 11 without issues

CVE-2025-43915 – Linkerd Proxy Resource Exhaustion Vulnerability

Bitwarden CLI – access and manage your vault

Smart Vape Cyber Pro 30K Puffs Disposable Vape

CVE-2025-31189 – Apple macOS Sandbox Escalation

grex generates regular expressions from user-provided test cases

People are Googling fake sayings to see AI Overviews explain them – and it’s hilarious

CVE-2025-5327 – “Chshcms MCCMS Gf.php Server-Side Request Forgery Vulnerability”

Related Posts