CVE-2025-10993

Summary

A security flaw has been discovered in MuYuCMS up to 2.7. Affected by this issue is some unknown functionality of the file /admin.php of the component Template Management. The manipulation results in code injection. It is possible to launch the attack remotely.

Affected Software

VendorProductVersion RangeStatus
n/aMuYuCMS2.0affected
n/aMuYuCMS2.1affected
n/aMuYuCMS2.2affected
n/aMuYuCMS2.3affected
n/aMuYuCMS2.4affected
n/aMuYuCMS2.5affected
n/aMuYuCMS2.6affected
n/aMuYuCMS2.7affected

Weaknesses

  • CWE-94: Code Injection
  • CWE-74: Injection

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References