Filtered by vendor Webreinvent Subscriptions
Filtered by product Vaahcms Subscriptions

Search

Switch to Advanced Search (Beta)
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-61183 1 Webreinvent 1 Vaahcms 2025-10-09 6.1 Medium
Cross Site Scripting in vaahcms v.2.3.1 allows a remote attacker to execute arbitrary code via upload method in the storeAvatar() method of UserBase.php