Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-6002

An unrestricted file upload vulnerability exists in the Product Image section of the VirtueMart backend. Authenticated attackers can upload files with arbitrary extensions, including executable or malicious files, potentially leading to remote code execution or other security impacts depending on server configuration.

Published

2025-06-11T17:15:43.253

Last Modified

2025-06-12T16:06:20.180

Status

Awaiting Analysis

Source

[email protected]

Severity

CVSSv3.1: 7.2 (HIGH)

Weaknesses

Type: Secondary
CWE-434

Affected Vendors & Products

References

https://blog.blacklanternsecurity.com/p/doomla-zero-days ([email protected])