Vulnerability Description
A vulnerability, which was classified as critical, was found in Fanli2012 native-php-cms 1.0. This affects an unknown part of the file /fladmin/user_recoverpwd.php. The manipulation leads to use of default credentials. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Native-Php-Cms Project | Native-Php-Cms | 1.0 |
Related Weaknesses (CWE)
References
- https://github.com/Fanli2012/native-php-cms/issues/4ExploitIssue TrackingVendor Advisory
- https://github.com/Fanli2012/native-php-cms/issues/4#issue-2769866348ExploitIssue TrackingVendor Advisory
- https://vuldb.com/?ctiid.291927Permissions RequiredVDB Entry
- https://vuldb.com/?id.291927Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.475237Third Party AdvisoryVDB Entry
- https://github.com/Fanli2012/native-php-cms/issues/4ExploitIssue TrackingVendor Advisory
- https://github.com/Fanli2012/native-php-cms/issues/4#issue-2769866348ExploitIssue TrackingVendor Advisory
FAQ
What is CVE-2025-0482?
CVE-2025-0482 is a vulnerability with a CVSS score of 7.3 (HIGH). A vulnerability, which was classified as critical, was found in Fanli2012 native-php-cms 1.0. This affects an unknown part of the file /fladmin/user_recoverpwd.php. The manipulation leads to use of de...
How severe is CVE-2025-0482?
CVE-2025-0482 has been rated HIGH with a CVSS base score of 7.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-0482?
Check the references section above for vendor advisories and patch information. Affected products include: Native-Php-Cms Project Native-Php-Cms.