CVE-2025-0482

High

A vulnerability, which was classified as critical, was found in Fanli2012 native-php-cms 1.0. This affects an unknown part of the file…

VulDB·CWE-1392·Published 2025-01-15

CVSS

7.3

EPSS

0.01

KEV

Exploits

cve.orgde

379 chars

Es wurde eine kritische Schwachstelle in Fanli2012 native-php-cms 1.0 gefunden. Es geht dabei um eine nicht klar definierte Funktion der Datei /fladmin/user_recoverpwd.php. Durch das Beeinflussen mit unbekannten Daten kann eine use of default credentials-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung.

cve.orgen

328 chars

A vulnerability, which was classified as critical, was found in Fanli2012 native-php-cms 1.0. This affects an unknown part of the file /fladmin/user_recoverpwd.php. The manipulation leads to use of default credentials. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

NVDen

328 chars

NVDes

338 chars

Se ha encontrado una vulnerabilidad clasificada como crítica en Fanli2012 native-php-cms 1.0. Afecta a una parte desconocida del archivo /fladmin/user_recoverpwd.php. La manipulación lleva al uso de credenciales predeterminadas. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al público y puede ser utilizado.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	cve.org	7.5	—	—	AV:N/AC:L/Au:N/C:P/I:P/A:P
2.0	Primary	cve.org	7.5	—	—	AV:N/AC:L/Au:N/C:P/I:P/A:P
2.0	Secondary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.0	Primary	cve.org	7.3	—	—	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
3.0	Primary	cve.org	7.3	—	—	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
3.1	Primary	cve.org	7.3	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
3.1	Primary	NVD	7.3	3.9	3.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
3.1	Primary	cve.org	7.3	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
3.1	Secondary	NVD	7.3	3.9	3.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
4.0	Primary	cve.org	6.9	—	—	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
4.0	Primary	cve.org	6.9	—	—	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
4.0	Secondary	NVD	6.9	—	—	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X