CVE-2025-5327 – “Chshcms MCCMS Gf.php Server-Side Request Forgery Vulnerability”

May 29, 2025

CVE ID : CVE-2025-5327

Published : May 29, 2025, 9:15 p.m. | 18 minutes ago

Description : A vulnerability was found in chshcms mccms 2.7. It has been classified as critical. This affects the function index of the file sys/apps/controllers/api/Gf.php. The manipulation of the argument pic leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5328 – “Chshcms McCms Remote Path Traversal Vulnerability”

Next Article CVE-2025-5326 – Zhilink ADP Application Developer Platform Deserialization Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

The Alters: Release date, mechanics, and everything else you need to know

I’ve fallen hard for Starsand Island, a promising anime-style life sim bringing Ghibli vibes to Xbox and PC later this year

This new official Xbox 4TB storage card costs almost as much as the Xbox SeriesXitself

I may have found the ultimate monitor for conferencing and productivity, but it has a few weaknesses

May report 2025

May report 2025

Write more reliable JavaScript with optional chaining

Deploying a Scalable Next.js App on Vercel – A Step-by-Step Guide

The Alters: Release date, mechanics, and everything else you need to know

The Alters: Release date, mechanics, and everything else you need to know

I’ve fallen hard for Starsand Island, a promising anime-style life sim bringing Ghibli vibes to Xbox and PC later this year

This new official Xbox 4TB storage card costs almost as much as the Xbox SeriesXitself

CVE-2025-5327 – “Chshcms MCCMS Gf.php Server-Side Request Forgery Vulnerability”

⚡ Weekly Recap: APT Intrusions, AI Malware, Zero-Click Exploits, Browser Hijacks and More

Exploitation Risk Grows for Critical Cisco Bug

CVE-2024-41446 – Alkacon OpenCMS Stored XSS Vulnerability

CVE-2025-42603 – Meon KYC Plain Text Data Exposure

Generate training data and cost-effectively train categorical models with Amazon Bedrock

Safeguarding your browsing history | Kaspersky official blog

After new update, Call of Duty players report “Connecting” matchmaking bug in Warzone and Black Ops 6

Microsoft’s latest Windows 11 security update reiterates why public Wi-Fi is a hacker’s paradise

New Guide: How to Scale Your vCISO Services Profitably

CVE-2025-4189 – WordPress Audio Comments Plugin CSRF

CVE-2025-5327 – “Chshcms MCCMS Gf.php Server-Side Request Forgery Vulnerability”

Related Posts