CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-29287

An arbitrary file upload vulnerability in the ueditor component of MCMS v5.4.3 allows attackers to execute arbitrary code via uploading a crafted file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 29.7%

CVSS Severity

CVSS v3 Score 9.8

References

http://cms.com
https://gist.github.com/erdan111/38dcb5150b523436fe01249b2542f02f#file-cve-2025-29287
https://gitee.com/mingSoft/MCMS/issues/IBOOTX
https://gitee.com/mingSoft/MCMS/issues/IBOOTX

Products affected by CVE-2025-29287

Mingsoft » Mcms » Version: 5.4.3

cpe:2.3:a:mingsoft:mcms:5.4.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-29287

Products

Pricing

Contact Us