CVE-2025-45855

Published June 3rd, 2025

View on NVD ↗

CVSS v3

5.4

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

An arbitrary file upload vulnerability in the component /upload/GoodsCategory/image of erupt v1.12.19 allows attackers to execute arbitrary code via uploading a crafted file.

erupts/erupt

MDD & Annotation-driven Low-code Data platform & AI Harness

GitHub

2.73K