CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Webreinvent: >> Vaahcms Security Vulnerabilities

CVE-2025-61183

Cross Site Scripting in vaahcms v.2.3.1 allows a remote attacker to execute arbitrary code via upload method in the storeAvatar() method of UserBase.php

CVSS Score

6.1

EPSS Score

0.001

Published

2025-10-08

Page 1

Vulnerabilities

Vulnerable Software

Webreinvent: >> Vaahcms Security Vulnerabilities

Products

Pricing

Contact Us