Vulnerabilities > CVE-2025-0482 - Unspecified vulnerability in Native-PHP-Cms Project Native-PHP-Cms 1.0

CVSS 7.3 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

LOW

network

low complexity

native-php-cms-project

NVD

Published: 2025-01-15

Updated: 2025-04-29

Summary

A vulnerability, which was classified as critical, was found in Fanli2012 native-php-cms 1.0. This affects an unknown part of the file /fladmin/user_recoverpwd.php. The manipulation leads to use of default credentials. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Vulnerable Configurations

Part	Description	Count
Application	Native-Php-Cms_Project Native PHP CMS Project Native PHP CMS 1.0	1

References

https://github.com/Fanli2012/native-php-cms/issues/4
https://github.com/Fanli2012/native-php-cms/issues/4
https://github.com/Fanli2012/native-php-cms/issues/4#issue-2769866348
https://github.com/Fanli2012/native-php-cms/issues/4#issue-2769866348
https://vuldb.com/?ctiid.291927
https://vuldb.com/?id.291927
https://vuldb.com/?submit.475237