CVE-2025-64050 – REDAXO CMS Remote Code Execution (RCE)

CVE ID : CVE-2025-64050

Published : Nov. 25, 2025, 4:16 p.m. | 1 hour, 7 minutes ago

Description : A Remote Code Execution (RCE) vulnerability in the template management component in REDAXO CMS 5.20.0 allows remote authenticated administrators to execute arbitrary operating system commands by injecting PHP code into an active template. The payload is executed when visitors access frontend pages using the compromised template.

Severity: 7.2 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2025-58360 – GeoServer is vulnerable to an Unauthenticated XML External Entities (XXE) attack via WMS GetMap feature

CVE-2025-9624 – OpenSearch 3.2.0 – Nested Boolean/Disjunction asymmetric DoS

CVE-2025-66017 – CGGMP21 presignatures can be used in the way that significantly reduces security

CVE-2025-66016 – CGGMP24 is missing a check in the ZK proof used in CGGMP21