ГлавнаяУязвимости → CVE-2025-55912
7.3высокая

CVE-2025-55912

Описание

An issue in ClipBucket 5.5.0 and prior versions allows an unauthenticated attacker can exploit the plupload endpoint in photo_uploader.php to upload arbitrary files without any authentication, due to missing access controls in the upload handler

Затрагиваемое ПО
Oxygenz Clipbucket
CVSS
Балл7.3 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Источники
https://github.com/MacWarrior/clipbucket-v5/blob/5.5.0/upload/actions/photo_uploader.phphttps://github.com/MacWarrior/clipbucket-v5/releases?page=2https://github.com/MacWarrior/clipbucket-v5/tree/5.5.0https://medium.com/@mukund.s1337/cve-2025-55912-clipbucket-5-5-0-unauthenticated-arbitrary-file-upload-rce-720c0c0fbc58