monst

2 exploits Active since Sep 2025
CVE-2025-10993 GITEE MEDIUM php
muyucms < 2.7 - Remote Code Execution in Template Management
A security flaw has been discovered in MuYuCMS up to 2.7. Affected by this issue is some unknown functionality of the file /admin.php of the component Template Management. The manipulation results in code injection. It is possible to launch the attack remotely.
58 stars
CVSS 4.7
CVE-2025-10787 GITEE MEDIUM php
MuYuCMS < 2.7 - Server-Side Request Forgery via Link URL Parameter
A vulnerability was found in MuYuCMS up to 2.7. Impacted is an unknown function of the file /index/index.html of the component Add Fiend Link Handler. Performing manipulation of the argument Link URL results in server-side request forgery. The attack may be initiated remotely. The exploit has been made public and could be used.
58 stars
CVSS 6.3