CVE-2025-5427 – Juzaweb CMS Permalinks Page Remote Access Control Bypass Vulnerability

June 2, 2025

CVE ID : CVE-2025-5427

Published : June 2, 2025, 4:15 a.m. | 3 hours, 6 minutes ago

Description : A vulnerability was found in juzaweb CMS up to 3.4.2. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin-cp/permalinks of the component Permalinks Page. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5428 – Juzaweb CMS Remote Improper Access Controls Vulnerability

Next Article CVE-2024-11857 – Realtek Bluetooth HCI Adaptor Link Following Privilege Escalation

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

SteelSeries reveals new Arctis Nova 3 Wireless headset series for Xbox, PlayStation, Nintendo Switch, and PC

The Witcher 4 looks absolutely amazing in UE5 technical presentation at State of Unreal 2025

Razer’s having another go at making it so you never have to charge your wireless gaming mouse, and this time it might have nailed it

Alienware’s rumored laptop could be the first to feature NVIDIA’s revolutionary Arm-based APU

easy-live2d – About Make your Live2D as easy to control as a pixi sprite! Live2D Web SDK based on Pixi.js.

easy-live2d – About Make your Live2D as easy to control as a pixi sprite! Live2D Web SDK based on Pixi.js.

From Kitchen To Conversion

Perficient Included in Forrester’s AI Technical Services Landscape, Q2 2025

SteelSeries reveals new Arctis Nova 3 Wireless headset series for Xbox, PlayStation, Nintendo Switch, and PC

SteelSeries reveals new Arctis Nova 3 Wireless headset series for Xbox, PlayStation, Nintendo Switch, and PC

The Witcher 4 looks absolutely amazing in UE5 technical presentation at State of Unreal 2025

Razer’s having another go at making it so you never have to charge your wireless gaming mouse, and this time it might have nailed it

CVE-2025-5427 – Juzaweb CMS Permalinks Page Remote Access Control Bypass Vulnerability

Alert: Malicious RubyGems Impersonate Fastlane Plugins, Steal CI/CD Data

Critical CVSS 9.6: IBM QRadar & Cloud Pak Security Flaws Exposed

Microsoft’s Copilot for Gaming arrives in beta – how to try it on your phone

CVE-2024-42699 – OpenCMS Cross-Site Scripting (XSS)

Distribution Release: 4MLinux 47.0

Microsoft Edge Bing’s new tactic tries to steer users away from Chrome again

Oblivion Remastered loses the most helpful settings on PC thanks to a botched Game Pass update

This ultra-thin power bank is my new favorite traveling accessory – and it’s affordable

CISA Advances Open-Source Software Security with Strategic Initiatives and Community Collaboration

My Cup Size is Stanley Shirt

CVE-2025-5427 – Juzaweb CMS Permalinks Page Remote Access Control Bypass Vulnerability

Related Posts