Filtered by vendor Matthewdeaves
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-12331 | 1 Matthewdeaves | 1 Willow Cms | 2025-12-08 | 5.8 MEDIUM | 4.7 MEDIUM |
| A weakness has been identified in Willow CMS up to 1.4.0. Impacted is an unknown function of the file /admin/images/add. This manipulation causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited. | |||||
| CVE-2025-12330 | 1 Matthewdeaves | 1 Willow Cms | 2025-12-08 | 3.3 LOW | 2.4 LOW |
| A security flaw has been discovered in Willow CMS up to 1.4.0. This issue affects some unknown processing of the file /admin/articles/add of the component Add Post Page. The manipulation of the argument title/body results in cross site scripting. The attack may be launched remotely. The exploit has been released to the public and may be exploited. | |||||