exploitDog

CVE-2025-63686

Опубликовано: 07 нояб. 2025

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

There is an arbitrary file download vulnerability in GuoMinJim PersonManage thru commit 5a02b1ab208feacf3a34fc123c9381162afbaa95 (2020-11-23) in the document query function under the Download Center menu in the PersonManage system.

Ссылки

https://gist.github.com/LockeTom/95b2a47f2dcb27e62690754993a4c7cd
Exploit
Third Party Advisory
https://github.com/GuoMinJim/PersonManage/issues/10
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:guominjim:personmanage:*:*:*:*:*:*:*:*

Версия до 1.0 (включая)

EPSS

Процентиль: 22%

0.00072

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-284

Связанные уязвимости

GHSA-4wvp-cwq3-wg7g

CVSS3: 6.5

github

3 месяца назад

There is an arbitrary file download vulnerability in GuoMinJim PersonManage thru commit 5a02b1ab208feacf3a34fc123c9381162afbaa95 (2020-11-23) in the document query function under the Download Center menu in the PersonManage system.

EPSS

Процентиль: 22%

0.00072

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-284