CVE-2025-45855
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-45855
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-45855.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-45855
- Aliases
- Published
- 2025-06-03T14:15:48Z
- Modified
- 2025-07-01T16:32:17.083849Z
- Summary
- [none]
- Details
-
An arbitrary file upload vulnerability in the component /upload/GoodsCategory/image of erupt v1.12.19 allows attackers to execute arbitrary code via uploading a crafted file.
- References
Affected packages
Git / github.com/erupts/erupt
Affected ranges
- Type
- GIT
- Repo
- https://github.com/erupts/erupt
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
1.*
1.10.1
1.10.10
1.10.11
1.10.12
1.10.13
1.10.14
1.10.15
1.10.3
1.10.4
1.10.5
1.10.6
1.10.7
1.10.8
1.10.9
1.11.1
1.11.2
1.11.3
1.11.4
1.11.5
1.11.6
1.11.7
1.12.0
1.12.1
1.12.10
1.12.11
1.12.12
1.12.13
1.12.14
1.12.15
1.12.16
1.12.17
1.12.18
1.12.19
1.12.2
1.12.3
1.12.4
1.12.5
1.12.7
1.12.8
1.12.9
1.6.10
1.6.11
1.6.12
1.6.13
1.6.14
1.6.15
1.6.16
1.6.9
1.7.0
1.7.1
1.7.2
1.7.3
1.8.0
1.8.1
1.8.2
1.8.3
1.8.4
1.8.5
1.9.0
1.9.1
1.9.2
1.9.3