Vulnerability Description
A vulnerability was found in BoyunCMS up to 1.4.20. It has been rated as critical. This issue affects some unknown processing of the file /application/pay/controller/Index.php of the component curl. The manipulation leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Boyuncms Project | Boyuncms | >= 1.4, <= 1.4.20 |
Related Weaknesses (CWE)
References
- https://note-hxlab.wetolink.com/share/gRI0WyQLQsmdBroken Link
- https://vuldb.com/?ctiid.315017Permissions RequiredVDB Entry
- https://vuldb.com/?id.315017Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.604403Third Party AdvisoryVDB Entry
- https://note-hxlab.wetolink.com/share/gRI0WyQLQsmdBroken Link
FAQ
What is CVE-2025-7103?
CVE-2025-7103 is a vulnerability with a CVSS score of 6.3 (MEDIUM). A vulnerability was found in BoyunCMS up to 1.4.20. It has been rated as critical. This issue affects some unknown processing of the file /application/pay/controller/Index.php of the component curl. T...
How severe is CVE-2025-7103?
CVE-2025-7103 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-7103?
Check the references section above for vendor advisories and patch information. Affected products include: Boyuncms Project Boyuncms.